Vulnerabilities > CVE-2023-1177 - Unspecified vulnerability in Lfprojects Mlflow
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.
Vulnerable Configurations
References
- https://github.com/mlflow/mlflow/pull/7891/commits/7162a50c654792c21f3e4a160eb1a0e6a34f6e6e
- https://github.com/mlflow/mlflow/pull/7891/commits/7162a50c654792c21f3e4a160eb1a0e6a34f6e6e
- https://huntr.dev/bounties/1fe8f21a-c438-4cba-9add-e8a5dab94e28
- https://huntr.dev/bounties/1fe8f21a-c438-4cba-9add-e8a5dab94e28