Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lfprojects mlflow vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-2780
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow before 2.3.1.
Lfprojects Mlflow
NA
CVE-2023-6709
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository mlflow/mlflow before 2.9.2.
Lfprojects Mlflow
NA
CVE-2023-6753
Path Traversal in GitHub repository mlflow/mlflow before 2.9.2.
Lfprojects Mlflow
NA
CVE-2023-6831
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow before 2.9.2.
Lfprojects Mlflow
NA
CVE-2023-6909
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow before 2.9.2.
Lfprojects Mlflow
NA
CVE-2023-6940
with only one user interaction(download a malicious config), attackers can gain full command execution on the victim system.
Lfprojects Mlflow
NA
CVE-2023-3765
Absolute Path Traversal in GitHub repository mlflow/mlflow before 2.5.0.
Lfprojects Mlflow
NA
CVE-2023-43472
An issue in MLFlow versions 2.8.1 and before allows a remote malicious user to obtain sensitive information via a crafted request to REST API.
Lfprojects Mlflow
NA
CVE-2023-30172
A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows malicious users to read arbitrary files on the server via the path parameter.
Lfprojects Mlflow
NA
CVE-2023-1176
Absolute Path Traversal in GitHub repository mlflow/mlflow before 2.2.2.
Lfprojects Mlflow
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »