CVE-2023-6015
MLflow allowed arbitrary files to be PUT onto the server in pypi/mlflow
Identifiers
GHSA-f798-qm4r-23r5, CVE-2023-6015
Package Slug
pypi/mlflow
Vulnerability
MLflow allowed arbitrary files to be PUT onto the server
Description
MLflow allowed arbitrary files to be PUT onto the server.
Affected Versions
All versions before 2.8.1
Solution
Upgrade to version 2.8.1 or above.
Last Modified
2023-11-17
| source |