VertaAI ModelDB - Path Traversal

The endpoint "/api/v1/artifact/getArtifact?artifactpath=" is vulnerable to path traversal. The main cause of this vulnerability is due to the lack of validation and sanitization of the artifactpath parameter. id: CVE-2023-6023 info: name: VertaAI ModelDB - Path Traversal author:...

CVE-2023-6023

An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in the artifactpath URL parameter...

Malicious code in modeldb-vis (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1a96162bc850d1cdd271c5fba070bedf3477359301f09f9991c578413eefc136 The OpenSSF Package Analysis project identified 'modeldb-vis' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2025-3139 Malicious code in modeldb-vis (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1a96162bc850d1cdd271c5fba070bedf3477359301f09f9991c578413eefc136 The OpenSSF Package Analysis project identified 'modeldb-vis' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

VulnCheck KEV: CVE-2023-6023

An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in the artifactpath URL parameter...

ModelDB Path Traversal Vulnerability

ModelDB is an open source system for machine learning model version control, metadata and experiment management open source by VertaAI. ModelDB suffers from a path traversal vulnerability that arises from improper cleaning of user-supplied file paths in the file upload function. This vulnerabilit...

CVE-2024-1961

vertaai/modeldb is vulnerable to a path traversal attack due to improper sanitization of user-supplied file paths in its file upload functionality. Attackers can exploit this vulnerability to write arbitrary files anywhere in the file system by manipulating the 'artifactpath' parameter. This flaw...

CVE-2024-1961 Path Traversal leading to Arbitrary File Write and RCE in vertaai/modeldb

vertaai/modeldb is vulnerable to a path traversal attack due to improper sanitization of user-supplied file paths in its file upload functionality. Attackers can exploit this vulnerability to write arbitrary files anywhere in the file system by manipulating the 'artifactpath' parameter. This flaw...

ModelDB 路径遍历漏洞

ModelDB is an open source system for machine learning model version control, metadata and experiment management open source by VertaAI. ModelDB suffers from a path traversal vulnerability that arises from improper cleaning of user-supplied file paths in the file upload function. This vulnerabilit...

CVE-2023-6023

An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in the artifactpath URL parameter...

CVE-2023-6023

An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in the artifactpath URL parameter...

Code injection

An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in the artifactpath URL parameter...

CVE-2023-6023

VertaAI ModelDB is affected by CVE-2023-6023 (Path Traversal/LFI). The Nuclei template identifies the vulnerable endpoint as /api/v1/artifact/getArtifact?artifact_path= with no validation or sanitization of artifact_path, enabling an attacker to read arbitrary files from the server filesystem. Im...

CVE-2023-6023 ModelDB Local File Include

An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in the artifactpath URL parameter...

ModelDB Security Vulnerabilities

ModelDB is an open source system for machine learning model version control, metadata, and experiment management from VertaAI. ModelDB has a security vulnerability that stems from a remote file inclusion LFI vulnerability in the artifactpath URL parameter. An attacker can exploit this vulnerabili...