CVE-2023-3765

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions MLflow versions prior to 2.5.0

Description The issue exists due to incorrect restriction of the path name to a directory with limited access in the validate path is safe() function of the MLflow platform. This can allow a remote attacker to disclose protected information or write arbitrary files.

Recommendations For versions prior to 2.5.0, update to version 2.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the validate path is safe() function until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-36

Related Identifiers

BDU:2023-03995

BIT-MLFLOW-2023-3765

CVE-2023-3765

GHSA-FMXJ-6H9G-6VW3

PYSEC-2023-308

Affected Products

Mlflow

CVE-2023-3765

Weakness Enumeration

Related Identifiers

Affected Products

References · 20