CRITICAL 10.0 PyPI
Relative path traversal in mlflow
GHSA-x422-6qhv-p29g · BIT-mlflow-2023-2356 · CVE-2023-2356 · PYSEC-2023-68
Published · Modified
Description
Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-2356
- WEB https://github.com/mlflow/mlflow/commit/f73147496e05c09a8b83d95fb4f1bf86696c6342
- PACKAGE https://github.com/mlflow/mlflow
- WEB https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2023-68.yaml
- WEB https://huntr.dev/bounties/7b5d130d-38eb-4133-8c7d-0dfc9a9d9896
Ready to move
Start Securing
Free, no credit card | First findings in minutes