Critical flaw in AI testing framework MLflow can lead to server and data compromise
Critical flaw in AI testing framework MLflow can lead to server and data compromise
25 March 2023
The vulnerability found by Dan McInerney is tracked as CVE-2023-1177 and is rated 10 (critical) on the CVSS scale. It is described as a local and remote file inclusion (LFI/RFI) via the API.