Vulnerability Details CVE-2023-30172
A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.7%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-30172
-
cpe:2.3:a:lfprojects:mlflow:-
-
cpe:2.3:a:lfprojects:mlflow:0.2.0
-
cpe:2.3:a:lfprojects:mlflow:0.2.1
-
cpe:2.3:a:lfprojects:mlflow:0.3.0
-
cpe:2.3:a:lfprojects:mlflow:0.4.0
-
cpe:2.3:a:lfprojects:mlflow:0.4.1
-
cpe:2.3:a:lfprojects:mlflow:0.4.2
-
cpe:2.3:a:lfprojects:mlflow:0.5.0
-
cpe:2.3:a:lfprojects:mlflow:0.5.1
-
cpe:2.3:a:lfprojects:mlflow:0.5.2
-
cpe:2.3:a:lfprojects:mlflow:0.6.0
-
cpe:2.3:a:lfprojects:mlflow:0.7
-
cpe:2.3:a:lfprojects:mlflow:0.7.0
-
cpe:2.3:a:lfprojects:mlflow:0.8.0
-
cpe:2.3:a:lfprojects:mlflow:0.8.1
-
cpe:2.3:a:lfprojects:mlflow:0.8.2
-
cpe:2.3:a:lfprojects:mlflow:0.9.0
-
cpe:2.3:a:lfprojects:mlflow:0.9.1
-
cpe:2.3:a:lfprojects:mlflow:1.0.0
-
cpe:2.3:a:lfprojects:mlflow:1.1.0
-
cpe:2.3:a:lfprojects:mlflow:1.10.0
-
cpe:2.3:a:lfprojects:mlflow:1.11.0
-
cpe:2.3:a:lfprojects:mlflow:1.12.0
-
cpe:2.3:a:lfprojects:mlflow:1.12.1
-
cpe:2.3:a:lfprojects:mlflow:1.13.0
-
cpe:2.3:a:lfprojects:mlflow:1.13.1
-
cpe:2.3:a:lfprojects:mlflow:1.14.0
-
cpe:2.3:a:lfprojects:mlflow:1.14.1
-
cpe:2.3:a:lfprojects:mlflow:1.15.0
-
cpe:2.3:a:lfprojects:mlflow:1.16.0
-
cpe:2.3:a:lfprojects:mlflow:1.17.0
-
cpe:2.3:a:lfprojects:mlflow:1.18.0
-
cpe:2.3:a:lfprojects:mlflow:1.19.0
-
cpe:2.3:a:lfprojects:mlflow:1.2.0
-
cpe:2.3:a:lfprojects:mlflow:1.20.0
-
cpe:2.3:a:lfprojects:mlflow:1.20.1
-
cpe:2.3:a:lfprojects:mlflow:1.20.2
-
cpe:2.3:a:lfprojects:mlflow:1.21.0
-
cpe:2.3:a:lfprojects:mlflow:1.22.0
-
cpe:2.3:a:lfprojects:mlflow:1.23.0
-
cpe:2.3:a:lfprojects:mlflow:1.23.1
-
cpe:2.3:a:lfprojects:mlflow:1.24.0
-
cpe:2.3:a:lfprojects:mlflow:1.25.0
-
cpe:2.3:a:lfprojects:mlflow:1.25.1
-
cpe:2.3:a:lfprojects:mlflow:1.26.0
-
cpe:2.3:a:lfprojects:mlflow:1.26.1
-
cpe:2.3:a:lfprojects:mlflow:1.27.0
-
cpe:2.3:a:lfprojects:mlflow:1.28.0
-
cpe:2.3:a:lfprojects:mlflow:1.29.0
-
cpe:2.3:a:lfprojects:mlflow:1.3.0
-
cpe:2.3:a:lfprojects:mlflow:1.30.0
-
cpe:2.3:a:lfprojects:mlflow:1.4.0
-
cpe:2.3:a:lfprojects:mlflow:1.5.0
-
cpe:2.3:a:lfprojects:mlflow:1.6.0
-
cpe:2.3:a:lfprojects:mlflow:1.7.0
-
cpe:2.3:a:lfprojects:mlflow:1.7.1
-
cpe:2.3:a:lfprojects:mlflow:1.7.2
-
cpe:2.3:a:lfprojects:mlflow:1.8.0
-
cpe:2.3:a:lfprojects:mlflow:1.9.0
-
cpe:2.3:a:lfprojects:mlflow:1.9.1
-
cpe:2.3:a:lfprojects:mlflow:2.0.0