6 matches found
a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +339 more potentially affected by CVE-2023-6709 via mlflow (>=0.8.2 <=2.9.1)
mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2023-6709 Source advisory: OSV:GHSA-CXFR-5Q3R-2RC2...
a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +339 more potentially affected by CVE-2023-6709 via mlflow (>=0.8.2 <=2.9.1)
mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2023-6709 Source advisory: OSV:PYSEC-2023-281...
CVE-2023-6709 Improper Neutralization of Special Elements Used in a Template Engine in mlflow/mlflow
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository mlflow/mlflow prior to 2.9.2...
CVE-2023-6709 Improper Neutralization of Special Elements Used in a Template Engine in mlflow/mlflow
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository mlflow/mlflow prior to 2.9.2...
CVE-2023-6709
CVE-2023-6709 affects mlflow/mlflow up to version 2.9.1 (prior to 2.9.2). The issue is improper neutralization of special elements used in a template engine (Jinja2), enabling template injection with potential arbitrary code execution. Affected component: mlflow/mlflow templates; root cause: inse...
CVE-2023-6709 Improper Neutralization of Special Elements Used in a Template Engine in mlflow/mlflow
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository mlflow/mlflow prior to 2.9.2...