Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:48 a.m.4 views

CVE-2023-6831

Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2...

8.1CVSS6.7AI score0.0329EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/11/12 12:0 a.m.20 views

MLflow < 2.9.2 Path Traversal Vulnerability

Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 Tenable, Inc. include'compat.inc'; if description scriptid210769;...

8.1CVSS8.2AI score0.0329EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2024/04/16 12:30 a.m.49 views

mlflow vulnerable to Path Traversal

A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the artifact deletion functionality. Attackers can bypass path validation by exploiting the double decoding process in the deleteartifactmlflowartifacts handler and localfileuritopath function, allowing for...

8.1CVSS8AI score0.00856EPSS
Exploits1References3Affected Software1
vulnersOsv
vulnersOsv
added 2023/12/15 3:30 a.m.4 views

a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +339 more potentially affected by CVE-2023-6831 via mlflow (>=0.8.2 <=2.9.1)

mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2023-6831 Source advisory: OSV:GHSA-554W-XH4J-8W64...

8.1CVSS7.2AI score0.0329EPSS
Exploits1
Cvelist
Cvelist
added 2023/12/15 12:0 a.m.28 views

CVE-2023-6831 Path Traversal: '\..\filename' in mlflow/mlflow

Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2...

8.1CVSS8.2AI score0.0329EPSS
Exploits1References2
OSV
OSV
added 2023/12/15 12:0 a.m.23 views

CVE-2023-6831 Path Traversal: '\..\filename' in mlflow/mlflow

Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2...

8.1CVSS7.2AI score0.0329EPSS
Exploits1References4
Rows per page
Query Builder