Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. This issue leads to a client-side RCE when running the recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over dataset table fields.
Max CVSS: 7.5 | EPSS Score: 0.04% | Published: 2024-02-23 | Updated: 2024-02-26
Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This issue leads to a client-side RCE when running an untrusted recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over template variables.
Max CVSS: 7.5 | EPSS Score: 0.04% | Published: 2024-02-23 | Updated: 2024-02-26
JFrog Artifactory Self-Hosted versions below 7.77.3, are vulnerable to sensitive information disclosure whereby a low-privileged authenticated user can read the proxy configuration. This does not affect JFrog cloud deployments.
Max CVSS: 4.3 | EPSS Score: 0.04% | Published: 2024-04-15 | Updated: 2024-04-15
JFrog Artifactory versions below 7.77.7, 7.82.1, are vulnerable to DOM-based cross-site scripting due to improper handling of the import override mechanism.
Max CVSS: 8.8 | EPSS Score: 0.04% | Published: 2024-03-13 | Updated: 2024-03-14
Authentication bypass in vector-admin allows a user to register to a vector-admin server while “domain restriction” is active, even when not owning an authorized email address.
Max CVSS: 6.5 | EPSS Score: 0.05% | Published: 2024-01-25 | Updated: 2024-01-31
JFrog Artifactory versions 7.59 and above, but below 7.59.18, 7.63.18, 7.68.19, 7.71.8 are vulnerable to an issue whereby user interaction with specially crafted URLs could lead to exposure of user access tokens due to improper handling of the CLI / IDE browser based SSO integration.
Max CVSS: 9.3 | EPSS Score: 0.04% | Published: 2024-03-07 | Updated: 2024-03-07
JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. This is due to insufficient validation of artifacts.
Max CVSS: 7.2 | EPSS Score: 0.04% | Published: 2024-03-07 | Updated: 2024-03-08
JFrog Artifactory later than version 7.17.4 but prior to version 7.77.0 is vulnerable to an issue whereby a sequence of improperly handled exceptions in repository configuration initialization steps may lead to exposure of sensitive data.
Max CVSS: 6.6 | EPSS Score: 0.04% | Published: 2024-03-07 | Updated: 2024-03-08
JFrog Artifactory prior to version 7.66.0 is vulnerable to specific endpoint abuse with a specially crafted payload, which can lead to unauthenticated users being able to send emails with manipulated email body.
Max CVSS: 6.5 | EPSS Score: 0.05% | Published: 2023-10-03 | Updated: 2023-10-05
FileUtil.extract() enumerates all zip file entries and extracts each file without validating whether file paths in the archive are outside the intended directory. When creating an instance of TensorflowModel using the saved_model format and an exported tensorflow model, the apply() function invokes the vulnerable implementation of FileUtil.extract(). Arbitrary file creation can directly lead to code execution.
Max CVSS: 9.8 | EPSS Score: 0.40% | Published: 2023-11-15 | Updated: 2023-11-22
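The FileUtil.extract() flaw is the zip-slip pattern: each entry name is joined onto the destination directory and written, so an entry such as `../../x` lands outside it. The following is an added example in Python, not the affected project's Java code: it builds a constructed archive with one benign entry and one traversal entry, an extractor that mirrors the bug, and one that resolves every target path and refuses the whole archive if any entry escapes the destination, before writing a byte. Python's own ZipFile.extractall() strips traversal components, which is why the unsafe variant joins paths by hand.

```python
import io
import os
import tempfile
import zipfile
from pathlib import Path


def build_malicious_zip():
    """Constructed sample archive: a plausible model file plus a traversal entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("model/saved_model.pb", b"benign")
        zf.writestr("../../outside.txt", b"escaped the extraction directory")
    return buf.getvalue()


def extract_unsafe(zip_bytes, dest):
    """Mirrors the bug class: os.path.join honours '..' in the entry name."""
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            target = os.path.join(dest, info.filename)
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as fh:
                fh.write(zf.read(info))
            written.append(os.path.abspath(target))
    return written


def extract_safe(zip_bytes, dest):
    """Validates every entry first, then extracts. resolve() normalises '..',
    absolute names and symlinks, so containment is checked on the real path."""
    dest_real = Path(dest).resolve()
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        plan = []
        for info in zf.infolist():
            target = (dest_real / info.filename).resolve()
            if target != dest_real and dest_real not in target.parents:
                raise ValueError(f"zip entry escapes destination: {info.filename!r}")
            plan.append((info, target))
        written = []
        for info, target in plan:          # only reached if every entry passed
            if info.is_dir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(zf.read(info))
            written.append(str(target))
    return written


def demo():
    """Runs both extractors on the constructed archive inside a scratch directory."""
    root = tempfile.mkdtemp()
    dest = os.path.join(root, "a", "b")          # two levels deep so '../..' stays in root
    os.makedirs(dest)
    unsafe_paths = extract_unsafe(build_malicious_zip(), dest)
    escaped = [p for p in unsafe_paths
               if not p.startswith(os.path.abspath(dest) + os.sep)]
    dest2 = os.path.join(root, "c", "d")
    os.makedirs(dest2)
    try:
        extract_safe(build_malicious_zip(), dest2)
        rejected = False
    except ValueError:
        rejected = True
    return {"unsafe_escaped": escaped,
            "safe_rejected": rejected,
            "safe_wrote_anything": bool(os.listdir(dest2))}


if __name__ == "__main__":
    print(demo())
```

The two-pass shape matters: validating while writing would leave a half-extracted tree behind when a late entry is rejected, and an attacker who controls entry order can exploit that.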
DoS of the OkHttp client when using a BrotliInterceptor and browsing to a malicious web server, or when an attacker can perform a MitM attack to inject a Brotli zip bomb into an HTTP response.
Max CVSS: 5.9 | EPSS Score: 0.05% | Published: 2023-07-19 | Updated: 2023-08-02
GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class.
Max CVSS: 7.5 | EPSS Score: 0.04% | Published: 2023-07-12 | Updated: 2023-10-25
A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.
Max CVSS: 6.5 | EPSS Score: 0.05% | Published: 2023-06-19 | Updated: 2023-08-01
A remote attacker can trigger a denial of service by sending a crafted HTTP request that leaves the socket.remoteAddress variable undefined; use of the undefined variable raises a TypeError exception.
Max CVSS: 7.5 | EPSS Score: 0.07% | Published: 2023-05-30 | Updated: 2023-06-06
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.
Max CVSS: 7.5 | EPSS Score: 0.08% | Published: 2023-03-22 | Updated: 2023-03-29
[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib. When reaching a '[' or '{' character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software.
Max CVSS: 7.5 | EPSS Score: 0.09% | Published: 2023-03-22 | Updated: 2024-04-01
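The Jettison and json-smart entries are both recursion without a bound: one recurses into a self-referencing collection, the other into arbitrarily deep `[`/`{` nesting. The following is an added example, not code from either library: a single-pass depth counter that rejects over-nested JSON text before any recursive parser touches it, plus a demonstration that an unguarded recursive parser (Python's json module stands in for the Java ones here) fails with RecursionError on deep input instead of returning. The 512 limit is an assumed value for the example.

```python
import json


class NestingTooDeep(ValueError):
    pass


def nesting_depth(text, limit=None):
    """One linear pass over raw JSON text, counting [ and { that sit outside
    string literals. Raises NestingTooDeep the moment depth exceeds `limit`,
    so a hostile document costs O(n) and no stack before rejection."""
    depth = max_depth = 0
    in_string = escaped = False
    for ch in text:
        if in_string:                      # skip over "..." including \" escapes
            if escaped:
                escaped = False
            elif ch == "\\":
                escaped = True
            elif ch == '"':
                in_string = False
            continue
        if ch == '"':
            in_string = True
        elif ch in "[{":
            depth += 1
            if limit is not None and depth > limit:
                raise NestingTooDeep(f"nesting depth exceeds {limit}")
            max_depth = max(max_depth, depth)
        elif ch in "]}":
            depth -= 1
    return max_depth


def loads_bounded(text, limit=512):
    """Depth guard first, then the real (recursive) parser."""
    nesting_depth(text, limit)
    return json.loads(text)


def is_rejected(text, limit=512):
    """True when the guard, not the parser, stops the document."""
    try:
        loads_bounded(text, limit)
    except NestingTooDeep:
        return True
    return False


def unguarded_parser_on_deep_input(depth):
    """What a recursive parser does with no guard: json.loads recurses once per
    nested array and raises RecursionError rather than producing a value."""
    text = "[" * depth + "]" * depth
    try:
        json.loads(text)
        return "parsed"
    except RecursionError:
        return "RecursionError"


if __name__ == "__main__":
    print(nesting_depth('[[1],[2,[3]]]'))                 # 3
    print(is_rejected("[" * 600 + "]" * 600, limit=512))  # True
    print(unguarded_parser_on_deep_input(100000))
```

A pre-pass like this is the cheap fix when you cannot change the parser; when you can, a depth counter inside the recursive descent (incremented on entry, decremented on exit, compared against the same limit) gives the same protection without a second scan.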
Caret is vulnerable to an XSS attack when the user opens a crafted Markdown file when preview mode is enabled. This directly leads to client-side code execution.
Max CVSS: 9.6 | EPSS Score: 0.21% | Published: 2023-01-11 | Updated: 2023-01-18
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.set_rows method.
Max CVSS: 7.5 | EPSS Score: 0.08% | Published: 2022-11-09 | Updated: 2023-07-06
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented get_file_transfer_type method.
Max CVSS: 7.5 | EPSS Score: 0.08% | Published: 2022-11-09 | Updated: 2023-09-25
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.from_string method.
Max CVSS: 7.5 | EPSS Score: 0.08% | Published: 2022-11-09 | Updated: 2023-07-06
<bytes::Bytes as axum_core::extract::FromRequest>::from_request would not, by default, set a limit for the size of the request body. That meant if a malicious peer would send a very large (or infinite) body your server might run out of memory and crash. This also applies to these extractors, which used Bytes::from_request internally: axum::extract::Form, axum::extract::Json, String.
Max CVSS: 7.5 | EPSS Score: 0.08% | Published: 2022-09-14 | Updated: 2022-09-16
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the eth-account PyPI package, when an attacker is able to supply arbitrary input to the encode_structured_data method.
Max CVSS: 7.5 | EPSS Score: 0.09% | Published: 2022-08-22 | Updated: 2023-07-24
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the devcert npm package, when an attacker is able to supply arbitrary input to the certificateFor method.
Max CVSS: 7.5 | EPSS Score: 0.09% | Published: 2022-06-02 | Updated: 2023-07-24
JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to Privilege Escalation when a specially crafted request is sent by an unauthenticated user.
Max CVSS: 9.8 | EPSS Score: 0.12% | Published: 2023-01-08 | Updated: 2023-01-12
JFrog Artifactory before 7.36.1 and 6.23.41, is vulnerable to Insecure Deserialization of untrusted data which can lead to DoS, Privilege Escalation and Remote Code Execution when a specially crafted request is sent by a low privileged authenticated user due to insufficient validation of a user-provided serialized object.
Max CVSS: 8.8 | EPSS Score: 0.21% | Published: 2022-05-16 | Updated: 2022-05-25
67 vulnerabilities found