Total
31 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-1561 | 2024-05-10 | N/A | 7.5 HIGH | ||
An issue was discovered in gradio-app/gradio, where the `/component_server` endpoint improperly allows the invocation of any method on a `Component` class with attacker-controlled arguments. Specifically, by exploiting the `move_resource_to_block_cache()` method of the `Block` class, an attacker can copy any file on the filesystem to a temporary directory and subsequently retrieve it. This vulnerability enables unauthorized local file read access, posing a significant risk especially when the application is exposed to the internet via `launch(share=True)`, thereby allowing remote attackers to read files on the host machine. Furthermore, gradio apps hosted on `huggingface.co` are also affected, potentially leading to the exposure of sensitive information such as API keys and credentials stored in environment variables. | |||||
CVE-2024-2083 | 2024-04-16 | N/A | 9.9 CRITICAL | ||
A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The vulnerability arises due to the lack of validation for directory traversal patterns, allowing attackers to access files outside of the restricted directory. | |||||
CVE-2024-3573 | 2024-04-16 | N/A | 9.3 CRITICAL | ||
mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'is_local_uri' function's failure to properly handle URIs with empty or 'file' schemes, leading to the misclassification of URIs as non-local. Attackers can exploit this by crafting malicious model versions with specially crafted 'source' parameters, enabling the reading of sensitive files within at least two directory levels from the server's root. | |||||
CVE-2023-6977 | 1 Lfprojects | 1 Mlflow | 2024-02-28 | N/A | 7.5 HIGH |
This vulnerability enables malicious users to read sensitive files on the server. | |||||
CVE-2023-6975 | 1 Lfprojects | 1 Mlflow | 2024-02-28 | N/A | 9.8 CRITICAL |
A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information. | |||||
CVE-2023-6909 | 1 Lfprojects | 1 Mlflow | 2024-02-28 | N/A | 7.5 HIGH |
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. | |||||
CVE-2023-2984 | 2 Microsoft, Pimcore | 2 Windows, Pimcore | 2024-02-28 | N/A | 8.8 HIGH |
Path Traversal: '\..\filename' in GitHub repository pimcore/pimcore prior to 10.5.22. | |||||
CVE-2023-1177 | 1 Lfprojects | 1 Mlflow | 2024-02-28 | N/A | 9.8 CRITICAL |
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1. | |||||
CVE-2023-2780 | 1 Lfprojects | 1 Mlflow | 2024-02-28 | N/A | 9.8 CRITICAL |
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1. | |||||
CVE-2023-1034 | 1 Salesagility | 1 Suitecrm | 2024-02-28 | N/A | 8.8 HIGH |
Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.12.9. | |||||
CVE-2023-0316 | 1 Froxlor | 1 Froxlor | 2024-02-28 | N/A | 5.5 MEDIUM |
Path Traversal: '\..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0. |