Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
geyang ml-logger server.py log_handler path traversal
Vulnerability Description
A vulnerability was identified in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this vulnerability is the function log_handler of the file ml_logger/server.py. Such manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The exploit is publicly available and might be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
ML-Logger 路径遍历漏洞
Vulnerability Description
ML-Logger是Ge Yang个人开发者的一个用于机器学习项目的记录器、服务器和可视化仪表板。 ML-Logger acf255bade5be6ad88d90735c8367b28cbe3a743及之前版本存在路径遍历漏洞,该漏洞源于文件ml_logger/server.py中log_handler函数对参数File的错误操作,可能导致路径遍历攻击。
CVSS Information
N/A
Vulnerability Type
N/A