Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository mlflow/mlflow prior to 2.9.2.
References
Link | Resource |
---|---|
https://github.com/mlflow/mlflow/commit/432b8ccf27fd3a76df4ba79bb1bec62118a85625 | Patch |
https://huntr.com/bounties/9e4cc07b-6fff-421b-89bd-9445ef61d34d | Exploit Issue Tracking Mitigation Patch Third Party Advisory |
Configurations
History
13 Dec 2023, 21:12
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* | |
References | () https://github.com/mlflow/mlflow/commit/432b8ccf27fd3a76df4ba79bb1bec62118a85625 - Patch | |
References | () https://huntr.com/bounties/9e4cc07b-6fff-421b-89bd-9445ef61d34d - Exploit, Issue Tracking, Mitigation, Patch, Third Party Advisory | |
First Time |
Lfprojects
Lfprojects mlflow |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
12 Dec 2023, 13:43
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
12 Dec 2023, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-12 04:15
Updated : 2023-12-13 21:12
NVD link : CVE-2023-6709
Mitre link : CVE-2023-6709
CVE.ORG link : CVE-2023-6709
JSON object : View
Products Affected
lfprojects
- mlflow
CWE