CVE-2023-2356 – Relative Path Traversal in mlflow/mlflow
https://notcve.org/view.php?id=CVE-2023-2356
Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1. • https://github.com/mlflow/mlflow/commit/f73147496e05c09a8b83d95fb4f1bf86696c6342 https://huntr.dev/bounties/7b5d130d-38eb-4133-8c7d-0dfc9a9d9896 • CWE-23: Relative Path Traversal •
CVE-2023-30549 – Unpatched extfs vulnerabilities are exploitable through suid-mode Apptainer
https://notcve.org/view.php?id=CVE-2023-30549
Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw (CVE-2022-1184) that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10 buster (unless the linux-5.10 package is installed), Ubuntu 18.04 bionic and Ubuntu 20.04 focal. Use-after-free flaws in the kernel can be used to attack the kernel for denial of service and potentially for privilege escalation. Apptainer 1.1.8 includes a patch that by default disables mounting of extfs filesystem types in setuid-root mode, while continuing to allow mounting of extfs filesystems in non-setuid "rootless" mode using fuse2fs. Some workarounds are possible. Either do not install apptainer-suid (for versions 1.1.0 through 1.1.7) or set `allow setuid = no` in apptainer.conf. • https://access.redhat.com/security/cve/cve-2022-1184 https://github.com/apptainer/apptainer/commit/5a4964f5ba9c8d89a0e353b97f51fd607670a9f7 https://github.com/apptainer/apptainer/releases/tag/v1.1.8 https://github.com/apptainer/apptainer/security/advisories/GHSA-j4rf-7357-f4cg https://github.com/torvalds/linux/commit/2220eaf90992c11d888fe771055d4de3303 https://github.com/torvalds/linux/commit/4f04351888a83e595571de672e0a4a8b74f https://lwn.net/Articles/932136 https://lwn.net/Articles/932137 https://security-tracker.debi • CWE-416: Use After Free •
CVE-2022-46397
https://notcve.org/view.php?id=CVE-2022-46397
FD.io VPP (Vector Packet Processor) 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 generates a predictable IV with CBC mode. • https://lists.fd.io/g/security-announce/message/2 https://s3-docs.fd.io/vpp/23.02 •
CVE-2023-1176 – Absolute Path Traversal in mlflow/mlflow
https://notcve.org/view.php?id=CVE-2023-1176
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2. • https://github.com/mlflow/mlflow/commit/63ef72aa4334a6473ce7f889573c92fcae0b3c0d https://huntr.dev/bounties/ae92f814-6a08-435c-8445-eec0ef4f1085 • CWE-36: Absolute Path Traversal •
CVE-2023-1177 – Path Traversal: '\..\filename' in mlflow/mlflow
https://notcve.org/view.php?id=CVE-2023-1177
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1. • https://github.com/iumiro/CVE-2023-1177-MLFlow https://github.com/hh-hunter/ml-CVE-2023-1177 https://github.com/tiyeume25112004/CVE-2023-1177-rebuild https://github.com/mlflow/mlflow/pull/7891/commits/7162a50c654792c21f3e4a160eb1a0e6a34f6e6e https://huntr.dev/bounties/1fe8f21a-c438-4cba-9add-e8a5dab94e28 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-29: Path Traversal: '\..\filename' •