3 matches found
CVE-2023-6974
CVE-2023-6974 is a server-side request forgery (SSRF) affecting MLflow. The connected documents describe an issue where a malicious user can abuse redirects during artifact fetching to access internal HTTP(S) servers and, in the worst case, achieve remote code execution on the victim machine. The...
CVE-2023-6974 Server-Side Request Forgery (SSRF)
A malicious user could use this issue to access internal HTTPs servers and in the worst case ie: aws instance it could be abuse to get a remote code execution on the victim machine...
CVE-2023-6974 Server-Side Request Forgery (SSRF)
A malicious user could use this issue to access internal HTTPs servers and in the worst case ie: aws instance it could be abuse to get a remote code execution on the victim machine...