VYPR

Mleap

by Combust

Source repositories

CVEs (1)

  • CVE-2023-5245HigNov 15, 2023
    risk 0.42cvss 7.5epss 0.01

    FileUtil.extract() enumerates all zip file entries and extracts each file without validating whether file paths in the archive are outside the intended directory. When creating an instance of TensorflowModel using the saved_model format and an exported tensorflow model, the…