Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2024/04/16 12:30 a.m.3 views

a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +344 more potentially affected by CVE-2024-1593 via mlflow (>=0.8.2 <=2.9.2)

mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2024-1593 Source advisory: OSV:GHSA-F42M-MVFV-CGW5...

7.5CVSS7AI score0.00695EPSS
Exploits1
Cvelist
Cvelist
added 2024/04/16 12:0 a.m.26 views

CVE-2024-1593 Path Traversal via Parameter Smuggling in mlflow/mlflow

A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. Th...

7.5CVSS7.6AI score0.00695EPSS
Exploits1References1
OSV
OSV
added 2024/04/16 12:0 a.m.9 views

CVE-2024-1593 Path Traversal via Parameter Smuggling in mlflow/mlflow

A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. Th...

7.5CVSS6AI score0.00695EPSS
Exploits1References3
CVE
CVE
added 2024/04/16 12:0 a.m.74 views

CVE-2024-1593

This CVE describes a path traversal vulnerability in the mlflow/mlflow repository caused by improper handling of URL parameters. Attackers can smuggle path traversal sequences using the ';' character in URLs to manipulate the 'params' portion and access unauthorized files or directories. The repo...

7.5CVSS7.4AI score0.00695EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder