Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lfprojects mlflow vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1176
Absolute Path Traversal in GitHub repository mlflow/mlflow before 2.2.2.
Lfprojects Mlflow
NA
CVE-2023-1177
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow before 2.2.1.
Lfprojects Mlflow
3 Github repositories
NA
CVE-2023-6709
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository mlflow/mlflow before 2.9.2.
Lfprojects Mlflow
NA
CVE-2023-6753
Path Traversal in GitHub repository mlflow/mlflow before 2.9.2.
Lfprojects Mlflow
NA
CVE-2023-6977
This vulnerability enables malicious users to read sensitive files on the server.
Lfprojects Mlflow
NA
CVE-2023-43472
An issue in MLFlow versions 2.8.1 and before allows a remote malicious user to obtain sensitive information via a crafted request to REST API.
Lfprojects Mlflow
NA
CVE-2023-6568
A reflected Cross-Site Scripting (XSS) vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the Content-Type header in POST requests. An attacker can inject malicious JavaScript code into the Content-Type header, which is then improperly refle...
Lfprojects Mlflow
NA
CVE-2023-30172
A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows malicious users to read arbitrary files on the server via the path parameter.
Lfprojects Mlflow
NA
CVE-2023-6831
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow before 2.9.2.
Lfprojects Mlflow
NA
CVE-2023-6909
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow before 2.9.2.
Lfprojects Mlflow
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842
CVE-2024-30657
CVE-2024-4534
hardcoded
SSRF
CVE-2024-21683
CVE-2024-5364
file upload
CVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »