CNNVD-202509-3959 Information

CNNVD ID

CNNVD-202509-3959

Related CVE

CVE-2025-10952

• CNNVD Published: 2025-09-25

Description (Chinese)

ML-Logger是Ge Yang个人开发者的一个用于机器学习项目的记录器、服务器和可视化仪表板。 ML-Logger acf255bade5be6ad88d90735c8367b28cbe3a743及之前版本存在访问控制错误漏洞，该漏洞源于对文件ml_logger/server.py中组件File Handler的函数stream_handler的参数key的错误操作，可能导致信息泄露。

Description (English)

ML-Logger is a recorder, server and visualizer for a machine learning project by Ge Yang Personal Developer. ML-Logger acf. 255bade5be6ad88d9035c8367b28cbe3a743 and previous versions have access control error holes, which are the result of mishandling the parameter key of the function of the File Handler component in document ml logger/server.py, which could lead to the disclosure of information.

Hazard Level

High

Vulnerability Type

访问控制错误

Affected Vendor

LitexMedia

Published

2025-09-25

Last Modified

2026-02-24

References

https://github.com/geyang/ml-logger/issues/74 https://vuldb.com/?ctiid.325822 https://vuldb.com/?id.325822 https://vuldb.com/?submit.652463