2 matches found
CVE-2023-6570
CVE-2023-6570 describes a Server-Side Request Forgery (SSRF) in kubeflow/kubeflow. The Red Hat entry explains that any user can cause the Kubeflow server to proxy requests via the namespace parameter in /pipeline/artifacts/get, potentially hijacking a user session by stealing the authentication c...
CVE-2023-6570 Server-Side Request Forgery (SSRF) in kubeflow/kubeflow
Server-Side Request Forgery SSRF in kubeflow/kubeflow...