Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:42 a.m.8 views

CVE-2023-30172

A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter...

7.5CVSS6.8AI score0.00996EPSS
Exploits0References1
Circl
Circl
added 2023/05/11 7:14 a.m.6 views

CVE-2023-30172

creationtimestamp| type| source ---|---|--- 2023-05-11 07:14:59+00:00| seen| https://t.me/cibsecurity/63857...

7.5CVSS7.3AI score0.00996EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2023/05/11 3:30 a.m.4 views

a2 (>=0.1.0 <=0.3.17), agentos (>=0.0.5 <=0.0.7) +143 more potentially affected by CVE-2023-30172 via mlflow (>=0.8.2 <=1.9.1)

mlflow PYPI version =0.8.2, =0.1.0, =0.0.5, =0.1.2, =1.0.18.2, =0.0.1, =1.0.41, =1.4.0, =0.2.5, =3.0.0, =0.1.0, =0.3.5, =0.8.0, =0.0.4, =0.0.7 and more Source cves: CVE-2023-30172 Source advisory: OSV:GHSA-WC6J-5G83-XFM6...

7.5CVSS7AI score0.00996EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/05/11 12:0 a.m.10 views

CVE-2023-30172

A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter...

7.4AI score0.00996EPSS
Exploits0References2
CVE
CVE
added 2023/05/11 12:0 a.m.83 views

CVE-2023-30172

CVE-2023-30172 describes a directory traversal in the mlflow platform’s /get-artifact API, allowing an attacker to read arbitrary server files via the path parameter. Affected: mlflow up to v2.0.1. Underlying cause: directory traversal in the get-artifact endpoint. Impact is high on confidentiali...

7.5CVSS7.3AI score0.00996EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder