11 matches found
EUVD-2024-0115
Malicious code in bioql PyPI...
CVE-2024-27134
Excessive directory permissions in MLflow leads to local privilege escalation when using sparkudf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when the sparkudf MLflow API is called...
BIT-MLFLOW-2024-27134 Excessive directory permissions in MLflow leads to local privilege escalation when using spark_udf
Excessive directory permissions in MLflow leads to local privilege escalation when using sparkudf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when the sparkudf MLflow API is called...
MLflow's excessive directory permissions allow local privilege escalation
Excessive directory permissions in MLflow leads to local privilege escalation when using sparkudf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when the sparkudf MLflow API is called...
GHSA-QPGC-W4MG-6V92 MLflow's excessive directory permissions allow local privilege escalation
Excessive directory permissions in MLflow leads to local privilege escalation when using sparkudf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when the sparkudf MLflow API is called...
CVE-2024-27134
Excessive directory permissions in MLflow leads to local privilege escalation when using sparkudf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when the sparkudf MLflow API is called...
PYSEC-2024-224
Excessive directory permissions in MLflow leads to local privilege escalation when using sparkudf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when the sparkudf MLflow API is called...
CVE-2024-27134
Excessive directory permissions in MLflow leads to local privilege escalation when using sparkudf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when the sparkudf MLflow API is called...
CVE-2024-27134 Excessive directory permissions in MLflow leads to local privilege escalation when using spark_udf
Excessive directory permissions in MLflow leads to local privilege escalation when using sparkudf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when the sparkudf MLflow API is called...
CVE-2024-27134 Excessive directory permissions in MLflow leads to local privilege escalation when using spark_udf
Excessive directory permissions in MLflow leads to local privilege escalation when using sparkudf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when the sparkudf MLflow API is called...
CVE-2024-27134
CVE-2024-27134 : Multiple connected sources confirm a vulnerability in MLflow’s spark_udf API where excessive directory permissions allow a local attacker to achieve privilege escalation via a ToCToU attack. Affected: MLflow (spark_udf path) with local execution context. Root cause: insufficient ...