2 matches found
a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +339 more potentially affected by CVE-2023-6018 via mlflow (>=0.8.2 <=2.9.1)
mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2023-6018 Source advisory: OSV:GHSA-5P3H-7FWH-92RC...
CVE-2023-6018
CVE-2023-6018 affects MLflow. An unauthenticated attacker can overwrite any file on the server hosting MLflow, potentially compromising integrity and enabling remote code execution per connected documents. Reported impact emphasizes unauthenticated file writes with high severity (CVSS up to 10.0 ...