admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-6977.md
0xMarcio 9dd9a4d134 Update CVE sources 2024-08-07 19:02
2024-08-07 19:02:05 +00:00

18 lines
671 B
Markdown
Raw Blame History

### [CVE-2023-6977](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6977)
![](https://img.shields.io/static/v1?label=Product&message=mlflow%2Fmlflow&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%202.9.2%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-29%20Path%20Traversal%3A%20'%5C..%5Cfilename'&color=brighgreen)
### Description
This vulnerability enables malicious users to read sensitive files on the server.
### POC
#### Reference
- https://huntr.com/bounties/fe53bf71-3687-4711-90df-c26172880aaf
#### Github
- https://github.com/google/tsunami-security-scanner-plugins
Reference in New Issue View Git Blame Copy Permalink