HIGH 8.8 PyPI
Path traversal in MLflow
GHSA-v945-r3rc-6fjm · BIT-mlflow-2023-6753 · CVE-2023-6753 · PYSEC-2023-309
Published · Modified
Description
Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-6753
- WEB https://github.com/mlflow/mlflow/commit/1c6309f884798fbf56017a3cc808016869ee8de4
- PACKAGE https://github.com/mlflow/mlflow
- WEB https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2023-309.yaml
- WEB https://huntr.com/bounties/b397b83a-527a-47e7-b912-a12a17a6cfb4
Ready to move
Start Securing
Free, no credit card | First findings in minutes