BF Specification of CVE-2023-2356 Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1
-0.png)
//generated//
Missing Code in '_validate_source(source, run_id)' to Format Validate path in Codebase mlflow/server/handlers.py:1333 leads to File Injection (relative path traversal)
. If exploited this can lead to IEX (confidentiality loss).
vendor:product: lfprojects:mlflow |
| Class | Definition |
| DVL | Data Validation (DVL) class – Data are validated (syntax check) or sanitized (escape, filter, repair) improperly. |
| Operation | Definition |
| Validate | Validate operation – Check data syntax (proper form/grammar, incl. check for missing symbols/elements) in order to accept (and possibly sanitize) or reject it. |
| Cause/Consequence | Definition |
| Code Bug | Code Bug type – Defect in the implementation of the operation – proper operands over an improper operation. A first cause for the chain of weaknesses underlying a software security vulnerability. Must be fixed to resolve the vulnerability. |
| Missing Code | Missing Code bug - The operation is entirely absent. |
| Injection Final Error | Injection exploitable error type – An exploitable or undefined system behavior caused by 'code separation' data validation bugs. |
| File Injection | File Injection exploitable error – Maliciously inserted data (e.g., with .. and / or with file entries) into an input used to access/modify files or as a file content. |
| Operation Attribute | Definition |
| Mechanism | Mechanism operation attribute type – Shows how the buggy/faulty operation code is performed. |
| Format | Format operation attribute – The operation is via a policy based on syntax format (e.g., defined via regular expression). |
| Source Code | Source Code operation attribute type – Shows where the operation with the bug or a faulty operand is in the program – in what kind of software. |
| Codebase | Codebase operation attribute – The operation is in the programmer's code - in the application itself. |
| Execution Space | Execution Space operation attribute type – Shows where the buggy/faulty operation code is running or with what privilege level. |
| Local | Local operation attribute – The bugged code runs in an environment with access control policy with limited (local user) permission. |
| Operand Attribute | Definition |
| Data State | Data State operand attribute type operand attribute – Shows where the data come from. |
| Entered | Entered operand attribute – Data are from a user via a user interface (e.g., input field of a dialog or a command prompt). |