CVE-2023-5245
CVE-2023-5245 is a path traversal/zip-slip vulnerability in MLeap where FileUtil.extract() may extract files outside the target directory. The combined description across sources ties this to MLeap’s saved_model TensorflowModel use, potentially enabling arbitrary file creation and code execution....