Lucene search
K

514 matches found

vulnersOsv
vulnersOsv
added 2025/09/25 6:30 p.m.4 views

cde (=0.2.0.1), env-wrappers (>=0.1.1 <=0.1.22) +1 more potentially affected by CVE-2025-10952 via ml-logger (=0.10.36)

ml-logger PYPI version =0.10.36 is affected by a known vulnerability. The following packages have a transitive dependency on ml-logger and may be impacted: - cde =0.2.0.1 - env-wrappers =0.1.1, =0.1.22 - graph-search =0.1.0 Source cves: CVE-2025-10952 Source advisory: OSV:GHSA-9X36-C74V-FGR6...

6.9CVSS6AI score0.0034EPSS
Exploits0
OSV
OSV
added 2025/09/25 6:30 p.m.1 views

GHSA-9X36-C74V-FGR6 ml-logger file handler allows reading arbitrary files

A security flaw has been discovered in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this issue is the function streamhandler of the file mllogger/server.py of the component File Handler. Performing manipulation of the argument key results in information disclosure...

6.9CVSS6.7AI score0.0034EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/09/25 6:30 p.m.6 views

ml-logger file handler allows reading arbitrary files

A security flaw has been discovered in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this issue is the function streamhandler of the file mllogger/server.py of the component File Handler. Performing manipulation of the argument key results in information disclosure...

6.9CVSS6.7AI score0.0034EPSS
Exploits0References6Affected Software1
vulnersOsv
vulnersOsv
added 2025/09/25 6:30 p.m.3 views

cde (=0.2.0.1), env-wrappers (>=0.1.1 <=0.1.22) +1 more potentially affected by CVE-2025-10952 via ml-logger (=0.10.36)

ml-logger PYPI version =0.10.36 is affected by a known vulnerability. The following packages have a transitive dependency on ml-logger and may be impacted: - cde =0.2.0.1 - env-wrappers =0.1.1, =0.1.22 - graph-search =0.1.0 Source cves: CVE-2025-10952 Source advisory: SNYK:PYTHON-MLLOGGER-1311003...

6.9CVSS6AI score0.0034EPSS
Exploits0
NVD
NVD
added 2025/09/25 4:15 p.m.4 views

CVE-2025-10952

A security flaw has been discovered in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this issue is the function streamhandler of the file mllogger/server.py of the component File Handler. Performing manipulation of the argument key results in information disclosure...

6.9CVSS0.0034EPSS
Exploits0References4
OSV
OSV
added 2025/09/25 4:15 p.m.3 views

CVE-2025-10952

A security flaw has been discovered in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this issue is the function streamhandler of the file mllogger/server.py of the component File Handler. Performing manipulation of the argument key results in information disclosure...

6.9CVSS5.4AI score0.0034EPSS
Exploits0References4
CVE
CVE
added 2025/09/25 3:32 p.m.11 views

CVE-2025-10952

The CVE-2025-10952 entry concerns geyang ml-logger (ml_logger/server.py, stream_handler). The vulnerability arises from manipulation of the key argument in stream_handler, enabling information disclosure through a remote attack. Multiple sources confirm the flaw affects ml-logger and that no vers...

6.9CVSS5.4AI score0.0034EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/09/25 3:32 p.m.9 views

CVE-2025-10952 geyang ml-logger File server.py stream_handler information disclosure

A security flaw has been discovered in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this issue is the function streamhandler of the file mllogger/server.py of the component File Handler. Performing manipulation of the argument key results in information disclosure...

6.9CVSS0.0034EPSS
Exploits0References4
OSV
OSV
added 2025/09/25 3:30 p.m.2 views

GHSA-57HM-8RJV-498W ml-logger deserialization vulnerability

A vulnerability was determined in geyang ml-logger 0.10.36 and prior. Affected is the function loghandler of the file mllogger/server.py of the component Ping Handler. This manipulation of the argument data causes deserialization. It is possible to initiate the attack remotely. The exploit has be...

6.3CVSS6.8AI score0.00288EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2025/09/25 3:30 p.m.5 views

cde (=0.2.0.1), env-wrappers (>=0.1.1 <=0.1.22) +1 more potentially affected by CVE-2025-10950 via ml-logger (=0.10.36)

ml-logger PYPI version =0.10.36 is affected by a known vulnerability. The following packages have a transitive dependency on ml-logger and may be impacted: - cde =0.2.0.1 - env-wrappers =0.1.1, =0.1.22 - graph-search =0.1.0 Source cves: CVE-2025-10950 Source advisory: SNYK:PYTHON-MLLOGGER-1311002...

6.5CVSS6.5AI score0.00288EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/09/25 3:30 p.m.5 views

cde (=0.2.0.1), env-wrappers (>=0.1.1 <=0.1.22) +1 more potentially affected by CVE-2025-10951 via ml-logger (=0.10.36)

ml-logger PYPI version =0.10.36 is affected by a known vulnerability. The following packages have a transitive dependency on ml-logger and may be impacted: - cde =0.2.0.1 - env-wrappers =0.1.1, =0.1.22 - graph-search =0.1.0 Source cves: CVE-2025-10951 Source advisory: OSV:GHSA-8X9J-2P8R-7XC6...

7.5CVSS7AI score0.00558EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/09/25 3:30 p.m.4 views

cde (=0.2.0.1), env-wrappers (>=0.1.1 <=0.1.22) +1 more potentially affected by CVE-2025-10950 via ml-logger (=0.10.36)

ml-logger PYPI version =0.10.36 is affected by a known vulnerability. The following packages have a transitive dependency on ml-logger and may be impacted: - cde =0.2.0.1 - env-wrappers =0.1.1, =0.1.22 - graph-search =0.1.0 Source cves: CVE-2025-10950 Source advisory: OSV:GHSA-57HM-8RJV-498W...

6.5CVSS6.5AI score0.00288EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/09/25 3:30 p.m.4 views

cde (=0.2.0.1), env-wrappers (>=0.1.1 <=0.1.22) +1 more potentially affected by CVE-2025-10951 via ml-logger (=0.10.36)

ml-logger PYPI version =0.10.36 is affected by a known vulnerability. The following packages have a transitive dependency on ml-logger and may be impacted: - cde =0.2.0.1 - env-wrappers =0.1.1, =0.1.22 - graph-search =0.1.0 Source cves: CVE-2025-10951 Source advisory: SNYK:PYTHON-MLLOGGER-1311002...

7.5CVSS7AI score0.00558EPSS
Exploits0
OSV
OSV
added 2025/09/25 3:30 p.m.2 views

GHSA-8X9J-2P8R-7XC6 ml-logger has path traversal in the file argument

A vulnerability was identified in geyang ml-logger 0.10.36 and prior. Affected by this vulnerability is the function loghandler of the file mllogger/server.py. Such manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The exploit is publicly...

7.3CVSS7AI score0.00558EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/09/25 3:30 p.m.8 views

ml-logger has path traversal in the file argument

A vulnerability was identified in geyang ml-logger 0.10.36 and prior. Affected by this vulnerability is the function loghandler of the file mllogger/server.py. Such manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The exploit is publicly...

7.5CVSS7AI score0.00558EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2025/09/25 3:30 p.m.7 views

ml-logger deserialization vulnerability

A vulnerability was determined in geyang ml-logger 0.10.36 and prior. Affected is the function loghandler of the file mllogger/server.py of the component Ping Handler. This manipulation of the argument data causes deserialization. It is possible to initiate the attack remotely. The exploit has be...

6.5CVSS6.8AI score0.00288EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2025/09/25 3:16 p.m.6 views

CVE-2025-10951

A vulnerability was identified in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this vulnerability is the function loghandler of the file mllogger/server.py. Such manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely...

7.5CVSS0.00558EPSS
Exploits0References4
NVD
NVD
added 2025/09/25 3:16 p.m.5 views

CVE-2025-10950

A vulnerability was determined in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected is the function loghandler of the file mllogger/server.py of the component Ping Handler. This manipulation of the argument data causes deserialization. It is possible to initiate the attack...

6.5CVSS0.00288EPSS
Exploits0References4
OSV
OSV
added 2025/09/25 3:16 p.m.5 views

CVE-2025-10951

A vulnerability was identified in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this vulnerability is the function loghandler of the file mllogger/server.py. Such manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely...

6.9CVSS5.6AI score0.00558EPSS
Exploits0References4
OSV
OSV
added 2025/09/25 3:16 p.m.7 views

CVE-2025-10950

A vulnerability was determined in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected is the function loghandler of the file mllogger/server.py of the component Ping Handler. This manipulation of the argument data causes deserialization. It is possible to initiate the attack...

5.3CVSS5.5AI score0.00288EPSS
Exploits0References4
Rows per page
Query Builder