CVE-2024-3848 | mlflow up to 2.12.0 path traversal

Posted by Angelo Barbosa | May 16, 2024 | CVE

A vulnerability was found in mlflow up to 2.12.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to path traversal: ‘..filename’.

This vulnerability is known as CVE-2024-3848. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3848 | mlflow up to 2.12.0 path traversal

Related Posts

CVE-2024-3475 | Sticky Buttons Plugin up to 3.2.3 on WordPress cross-site request forgery

CVE-2024-50245 | Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6 ntfs3 ni_lock_dir deadlock

CVE-2024-38634 | Linux Kernel up to 6.9.3 serial_core.c uart_handle_cts_change Privilege Escalation

CVE-2024-35399 | Totolink CP900L 4.1.5cu.798_B20221228 loginAuth password stack-based overflow