>= 3.8.0, < 3.9.0
from 0, < 2.9.1
from 0, < 2.9.2
CRITICAL10.0MLflow allowed arbitrary files to be PUT onto the server
from 0, < 2.8.1
CRITICAL10.0Remote Code Execution due to Full Controled File Write in mlflow
CRITICAL10.0MLflow Path Traversal vulnerability
from 0, < 2.5.0
CRITICAL10.0Relative path traversal in mlflow
from 0, < 2.3.1
CRITICAL9.8MLflow Server-Side Request Forgery (SSRF)
from 0, < 2.9.2
CRITICAL9.8MLFlow Path Traversal Vulnerability
from 0, < 2.9.2
CRITICAL9.8mlflow Path Traversal vulnerability
from 0, < 2.3.1
CRITICAL9.8mlflow is vulnerable to remote file access in `mlflow server` and `mlflow ui` CLIs
from 0, < 2.2.1
CRITICAL9.6MLflow: Improper Origin Validation in MLflow Assistant /ajax-api Endpoints Enables Browser-Mediated Local Command Execution
>= 3.9.0, < 3.10.0
CRITICAL9.6Mlflow: Command Injection when serving models with enable_mlserver=True
from 0, < 3.11.1
CRITICAL9.6MLFlow path traversal vulnerability
from 0, < 3.9.0
CRITICAL9.6Cross-site Scripting in MLFlow
from 0, < 2.10.0
CRITICAL9.6MLFlow Cross-site Scripting vulnerability leads to client-side Remote Code Execution
from 0, < 2.10.0
CRITICAL9.3mlflow vulnerable to Path Traversal
from 0, < 2.10.0
CRITICAL9.1MLflow authentication requirement bypass can allow a user to arbitrarily create an account
CRITICAL9.0Missing Authorization Validation in mlflow/mlflow
from 0, < 3.11.1
HIGH8.8MLFlow improper input validation
>= 1.11.0, < 2.13.2
HIGH8.8MLFlow unsafe deserialization
>= 2.0.0, <= 2.13.1
HIGH8.8MLFlow unsafe deserialization
>= 0.5.0, < 2.13.2
HIGH8.8MLFlow unsafe deserialization
>= 1.27.0, < 2.13.2
HIGH8.8MLFlow unsafe deserialization
>= 2.5.0, < 2.13.2
HIGH8.8MLFlow unsafe deserialization
>= 1.23.0, < 2.13.2
HIGH8.8MLFlow unsafe deserialization
>= 0.9.0, < 2.13.2
HIGH8.8MLFlow unsafe deserialization
>= 1.24.0, < 2.13.2
HIGH8.8MLFlow unsafe deserialization
>= 1.1.0, < 2.13.2
HIGH8.8MLFlow unsafe deserialization
>= 1.1.0, < 2.13.2
HIGH8.8MLflow Path Traversal Vulnerability
from 0, < 2.9.2
HIGH8.8mlflow Command Injection vulnerability
from 0, < 2.9.2
HIGH8.8Path traversal in MLflow
from 0, < 2.9.2
HIGH8.8Jinja2 template injection in mlflow
from 0, < 2.9.2
HIGH8.8mlflow vulnerable to OS Command Injection
from 0, < 2.6.0
HIGH8.6MLflow: unauthenticated access to certain FastAPI routes
from 0, < 3.10.0
HIGH8.2Insecure Temporary File in mlflow
from 0, < 1.23.1
HIGH8.1Arbitrary file write via tar traversal in mlflow
from 0, < 3.11.1
HIGH8.1MLFlow is vulnerable to DNS rebinding attacks due to a lack of Origin header validation
from 0, < 3.5.0
HIGH8.1MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability
from 0, < 3.0.0
HIGH8.1MLflow Weak Password Requirements Authentication Bypass Vulnerability
from 0, < 2.21.1
HIGH8.1mlflow vulnerable to Path Traversal
from 0, < 2.12.2
HIGH7.7Environment Variable Resolution Vulnerability in mlflow/mlflow
from 0, < 3.11.0
HIGH7.5MLflow allows an unauthenticated remote attacker to read arbitrary files from the server's filesystem
from 0, < 3.10.0
HIGH7.5MLflow has a command injection in mlflow/sagemaker/__init__.py
from 0, < 3.7.0
HIGH7.5MLflow has a Local File Read/Path Traversal in dbfs
>= 2.15.1, < 2.16.0
HIGH7.5Local File Inclusion in mlflow
from 0, < 2.11.3
HIGH7.5MLflow has a Local File Read/Path Traversal bypass
from 0, < 2.12.1
HIGH7.5mlflow vulnerable to Path Traversal
from 0, < 2.12.1
HIGH7.5mlflow vulnerable to Path Traversal
from 0, < 2.11.3
HIGH7.5mlflow vulnerable to Path Traversal
from 0, < 2.11.3
HIGH7.5mlflow Path Traversal vulnerability
from 0, < 2.12.1
HIGH7.5MLflow Local File Disclosure Vulnerability
>= 1.0.0, < 2.9.2
HIGH7.5MLflow Path Traversal Vulnerability
from 0, < 2.9.2
HIGH7.5Information exposure in MLflow
from 0, < 2.8.2
HIGH7.5mflow vulnerable to directory traversal
from 0, < 2.0.1
HIGH7.1MLflow Has a Server-Side Request Forgery (SSRF) Vulnerability
from 0, < 3.9.0
HIGH7.0MLFlow Creates a Temporary File With Insecure Permissions
from 0, < 3.11.0
HIGH7.0mlflow Creates of Temporary File in Directory with Insecure Permissions
from 0, < 3.4.0
HIGH7.0MLflow's excessive directory permissions allow local privilege escalation
from 0, < 2.16.0
MEDIUM6.5Improper Access Control in mlflow/mlflow
>= 3.9.0, < 3.10.0
MEDIUM6.5MLflow authenticated users can enumerate any registered model versions due to lack of per-model permissions checks
from 0, < 3.10.0
MEDIUM6.5Cross-site Scripting (XSS) in MLflow
from 0, < 2.9.1
MEDIUM5.9MLflow Uncontrolled Resource Consumption vulnerability
>= 2.17.2, < 2.18.0
MEDIUM5.8MLFlow SSRF via gateway_proxy_handler
from 0, < 3.1.0
MEDIUM5.4MLflow is vulnerable to Stored Cross-Site Scripting (XSS) caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface
from 0, < 3.11.1
MEDIUM5.4MLflow Cross-Site Request Forgery (CSRF) vulnerability
>= 2.17.0, < 2.20.1
MEDIUM5.4Undefined Behavior in mlflow
MEDIUM5.4MLflow allows low privilege users to delete any artifact
from 0, < 2.12.1
MEDIUM5.3MLflow Uncontrolled Resource Consumption vulnerability
>= 2.13.2, < 2.14.0
MEDIUM4.3MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint
from 0, < 3.11.1
LOW3.8MLflow has Weak Password Requirements
from 0, < 2.19.0
LOW3.3Remote file existence check vulnerability in `mlflow server` and `mlflow ui` CLIs
from 0, < 2.2.2
—MLflow Dataset Digest Computation digest_utils.py mlflow.data.digest_utils weak hash
from 0, < 3.10.1