CVE-2023-5245

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-5245

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-5245.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-5245

Aliases

GHSA-897x-xvj8-42rq

Published

2023-11-15T13:15:07Z

Modified

2025-02-19T03:35:06.542698Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

FileUtil.extract() enumerates all zip file entries and extracts each file without validating whether file paths in the archive are outside the intended directory.

When creating an instance of TensorflowModel using the saved_model format and an exported tensorflow model, the apply() function invokes the vulnerable implementation of FileUtil.extract().

Arbitrary file creation can directly lead to code execution

References

Affected packages

Git / github.com/combust/mleap

Affected ranges

Type: GIT
Repo: https://github.com/combust/mleap
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

39b5da3b4357ba9e1e182b036fa0ed7dbb365dec

Last affected

551b069953a837f6e702ee8bb2ed47383f2aa4a3

Affected versions

Other

old-format

v0.*

v0.10.0

v0.10.1

v0.10.2

v0.10.3

v0.11.0

v0.12.0

v0.13.0

v0.14.0

v0.15.0

v0.16.0

v0.17.0

v0.18.0

v0.2.0

v0.3.0

v0.4.0

v0.5.0

v0.6.0

v0.7.0

v0.8.0

v0.9.1

v0.9.2

v0.9.3

v0.9.5

v0.9.6