exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2024-27133

почти 2 года назад

Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. This issue leads to a client-side RCE when running the recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over dataset table fields.

CVSS3: 7.5

EPSS: Низкий

GHSA-3v79-q7ph-j75h

почти 2 года назад

MLFlow Cross-site Scripting vulnerability leads to client-side Remote Code Execution

CVSS3: 9.6

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2024-27133 Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. This issue leads to a client-side RCE when running the recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over dataset table fields.	CVSS3: 7.5	0% Низкий	почти 2 года назад
	GHSA-3v79-q7ph-j75h MLFlow Cross-site Scripting vulnerability leads to client-side Remote Code Execution	CVSS3: 9.6	0% Низкий	почти 2 года назад

Уязвимостей на страницу