Vendor CVEs
Mlflow
All CVEs
91 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-0520 | 0.00 | — | 0.02 | Jun 6, 2024 | A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to improper neutralization of special elements used in an OS command ('Command Injection') within the `mlflow.data.http_dataset_source.py` module. Specifically, when loading a dataset from a… | |||
| CVE-2024-3099 | 0.00 | — | 0.00 | Jun 6, 2024 | A vulnerability in mlflow/mlflow version 2.11.1 allows attackers to create multiple models with the same name by exploiting URL encoding. This flaw can lead to Denial of Service (DoS) as an authenticated user might not be able to use the intended model, as it will open a… | |||
| CVE-2024-37061 | 0.00 | — | 0.01 | Jun 4, 2024 | Remote Code Execution can occur in versions of the MLflow platform running version 1.11.0 or newer, enabling a maliciously crafted MLproject to execute arbitrary code on an end user’s system when run. | |||
| CVE-2024-37060 | 0.00 | — | 0.01 | Jun 4, 2024 | Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.27.0 or newer, enabling a maliciously crafted Recipe to execute arbitrary code on an end user’s system when run. | |||
| CVE-2024-37059 | 0.00 | — | 0.01 | Jun 4, 2024 | Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.5.0 or newer, enabling a maliciously uploaded PyTorch model to run arbitrary code on an end user’s system when interacted with. | |||
| CVE-2024-37058 | 0.00 | — | 0.01 | Jun 4, 2024 | Deserialization of untrusted data can occur in versions of the MLflow platform running version 2.5.0 or newer, enabling a maliciously uploaded Langchain AgentExecutor model to run arbitrary code on an end user’s system when interacted with. | |||
| CVE-2024-37057 | 0.00 | — | 0.01 | Jun 4, 2024 | Deserialization of untrusted data can occur in versions of the MLflow platform running version 2.0.0rc0 or newer, enabling a maliciously uploaded Tensorflow model to run arbitrary code on an end user’s system when interacted with. | |||
| CVE-2024-37056 | 0.00 | — | 0.01 | Jun 4, 2024 | Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.23.0 or newer, enabling a maliciously uploaded LightGBM scikit-learn model to run arbitrary code on an end user’s system when interacted with. | |||
| CVE-2024-37055 | 0.00 | — | 0.01 | Jun 4, 2024 | Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.24.0 or newer, enabling a maliciously uploaded pmdarima model to run arbitrary code on an end user’s system when interacted with. | |||
| CVE-2024-37054 | 0.00 | — | 0.01 | Jun 4, 2024 | Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.9.0 or newer, enabling a maliciously uploaded PyFunc model to run arbitrary code on an end user’s system when interacted with. | |||
| CVE-2024-37053 | 0.00 | — | 0.01 | Jun 4, 2024 | Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling a maliciously uploaded scikit-learn model to run arbitrary code on an end user’s system when interacted with. | |||
| CVE-2024-37052 | 0.00 | — | 0.01 | Jun 4, 2024 | Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling a maliciously uploaded scikit-learn model to run arbitrary code on an end user’s system when interacted with. | |||
| CVE-2024-4263 | 0.00 | — | 0.00 | May 16, 2024 | A broken access control vulnerability exists in mlflow/mlflow versions before 2.10.1, where low privilege users with only EDIT permissions on an experiment can delete any artifacts. This issue arises due to the lack of proper validation for DELETE requests by users with EDIT… | |||
| CVE-2024-3848 | 0.00 | — | 0.43 | May 16, 2024 | A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a bypass for the previously addressed CVE-2023-6909. The vulnerability arises from the application's handling of artifact URLs, where a '#' character can be used to insert a path into the… | |||
| CVE-2024-3573 | 0.00 | — | 0.01 | Apr 16, 2024 | mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'is_local_uri' function's failure to properly handle URIs with empty or 'file'… | |||
| CVE-2024-1558 | 0.00 | — | 0.01 | Apr 16, 2024 | A path traversal vulnerability exists in the `_create_model_version()` function within `server/handlers.py` of the mlflow/mlflow repository, due to improper validation of the `source` parameter. Attackers can exploit this vulnerability by crafting a `source` parameter that… | |||
| CVE-2024-1594 | 0.00 | — | 0.01 | Apr 16, 2024 | A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the `artifact_location` parameter when creating an experiment. Attackers can exploit this vulnerability by using a fragment component `#` in the artifact location URI to… | |||
| CVE-2024-1593 | 0.00 | — | 0.01 | Apr 16, 2024 | A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files… | |||
| CVE-2024-1560 | 0.00 | — | 0.01 | Apr 16, 2024 | A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the artifact deletion functionality. Attackers can bypass path validation by exploiting the double decoding process in the `_delete_artifact_mlflow_artifacts` handler and… | |||
| CVE-2024-27133 | 0.00 | — | 0.01 | Feb 23, 2024 | Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. This issue leads to a client-side RCE when running the recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over dataset table fields. | |||
| CVE-2024-27132 | 0.00 | — | 0.01 | Feb 23, 2024 | Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This issue leads to a client-side RCE when running an untrusted recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over template variables. | |||
| CVE-2023-6977 | 0.00 | — | 0.04 | Dec 20, 2023 | This vulnerability enables malicious users to read sensitive files on the server. | |||
| CVE-2023-6976 | 0.00 | — | 0.01 | Dec 20, 2023 | This vulnerability is capable of writing arbitrary files into arbitrary locations on the remote filesystem in the context of the server process. | |||
| CVE-2023-6975 | 0.00 | — | 0.02 | Dec 20, 2023 | A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information. | |||
| CVE-2023-6974 | 0.00 | — | 0.02 | Dec 20, 2023 | A malicious user could use this issue to access internal HTTP(s) servers and in the worst case (ie: aws instance) it could be abuse to get a remote code execution on the victim machine. | |||
| CVE-2023-6940 | 0.00 | — | 0.01 | Dec 19, 2023 | with only one user interaction(download a malicious config), attackers can gain full command execution on the victim system. | |||
| CVE-2023-6909 | 0.00 | — | 0.90 | Dec 18, 2023 | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. | |||
| CVE-2023-6831 | 0.00 | — | 0.03 | Dec 15, 2023 | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. | |||
| CVE-2023-6753 | 0.00 | — | 0.01 | Dec 13, 2023 | Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2. | |||
| CVE-2023-6709 | 0.00 | — | 0.01 | Dec 12, 2023 | Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository mlflow/mlflow prior to 2.9.2. | |||
| CVE-2023-6568 | 0.00 | — | 0.02 | Dec 7, 2023 | A reflected Cross-Site Scripting (XSS) vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the Content-Type header in POST requests. An attacker can inject malicious JavaScript code into the Content-Type header, which is then improperly… | |||
| CVE-2023-6014 | 0.00 | — | 0.01 | Nov 16, 2023 | An attacker is able to arbitrarily create an account in MLflow bypassing any authentication requirment. | |||
| CVE-2023-6015 | 0.00 | — | 0.04 | Nov 16, 2023 | MLflow allowed arbitrary files to be PUT onto the server. | |||
| CVE-2023-6018 | 0.00 | — | 0.48 | Nov 16, 2023 | An attacker can overwrite any file on the server hosting MLflow without any authentication. | |||
| CVE-2023-4033 | 0.00 | — | 0.01 | Aug 1, 2023 | OS Command Injection in GitHub repository mlflow/mlflow prior to 2.6.0. | |||
| CVE-2023-3765 | 0.00 | — | 0.71 | Jul 19, 2023 | Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0. | |||
| CVE-2023-2780 | 0.00 | — | 0.06 | May 17, 2023 | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1. | |||
| CVE-2023-2356 | 0.00 | — | 0.04 | Apr 28, 2023 | Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1. | |||
| CVE-2023-1176 | 0.00 | — | 0.01 | Mar 24, 2023 | Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2. | |||
| CVE-2023-1177 | 0.00 | — | 0.69 | Mar 24, 2023 | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1. | |||
| CVE-2022-0736 | 0.00 | — | 0.02 | Feb 23, 2022 | Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1. |
- CVE-2024-0520Jun 6, 2024risk 0.00cvss —epss 0.02
A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to improper neutralization of special elements used in an OS command ('Command Injection') within the `mlflow.data.http_dataset_source.py` module. Specifically, when loading a dataset from a…
- CVE-2024-3099Jun 6, 2024risk 0.00cvss —epss 0.00
A vulnerability in mlflow/mlflow version 2.11.1 allows attackers to create multiple models with the same name by exploiting URL encoding. This flaw can lead to Denial of Service (DoS) as an authenticated user might not be able to use the intended model, as it will open a…
- CVE-2024-37061Jun 4, 2024risk 0.00cvss —epss 0.01
Remote Code Execution can occur in versions of the MLflow platform running version 1.11.0 or newer, enabling a maliciously crafted MLproject to execute arbitrary code on an end user’s system when run.
- CVE-2024-37060Jun 4, 2024risk 0.00cvss —epss 0.01
Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.27.0 or newer, enabling a maliciously crafted Recipe to execute arbitrary code on an end user’s system when run.
- CVE-2024-37059Jun 4, 2024risk 0.00cvss —epss 0.01
Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.5.0 or newer, enabling a maliciously uploaded PyTorch model to run arbitrary code on an end user’s system when interacted with.
- CVE-2024-37058Jun 4, 2024risk 0.00cvss —epss 0.01
Deserialization of untrusted data can occur in versions of the MLflow platform running version 2.5.0 or newer, enabling a maliciously uploaded Langchain AgentExecutor model to run arbitrary code on an end user’s system when interacted with.
- CVE-2024-37057Jun 4, 2024risk 0.00cvss —epss 0.01
Deserialization of untrusted data can occur in versions of the MLflow platform running version 2.0.0rc0 or newer, enabling a maliciously uploaded Tensorflow model to run arbitrary code on an end user’s system when interacted with.
- CVE-2024-37056Jun 4, 2024risk 0.00cvss —epss 0.01
Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.23.0 or newer, enabling a maliciously uploaded LightGBM scikit-learn model to run arbitrary code on an end user’s system when interacted with.
- CVE-2024-37055Jun 4, 2024risk 0.00cvss —epss 0.01
Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.24.0 or newer, enabling a maliciously uploaded pmdarima model to run arbitrary code on an end user’s system when interacted with.
- CVE-2024-37054Jun 4, 2024risk 0.00cvss —epss 0.01
Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.9.0 or newer, enabling a maliciously uploaded PyFunc model to run arbitrary code on an end user’s system when interacted with.
- CVE-2024-37053Jun 4, 2024risk 0.00cvss —epss 0.01
Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling a maliciously uploaded scikit-learn model to run arbitrary code on an end user’s system when interacted with.
- CVE-2024-37052Jun 4, 2024risk 0.00cvss —epss 0.01
Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling a maliciously uploaded scikit-learn model to run arbitrary code on an end user’s system when interacted with.
- CVE-2024-4263May 16, 2024risk 0.00cvss —epss 0.00
A broken access control vulnerability exists in mlflow/mlflow versions before 2.10.1, where low privilege users with only EDIT permissions on an experiment can delete any artifacts. This issue arises due to the lack of proper validation for DELETE requests by users with EDIT…
- CVE-2024-3848May 16, 2024risk 0.00cvss —epss 0.43
A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a bypass for the previously addressed CVE-2023-6909. The vulnerability arises from the application's handling of artifact URLs, where a '#' character can be used to insert a path into the…
- CVE-2024-3573Apr 16, 2024risk 0.00cvss —epss 0.01
mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'is_local_uri' function's failure to properly handle URIs with empty or 'file'…
- CVE-2024-1558Apr 16, 2024risk 0.00cvss —epss 0.01
A path traversal vulnerability exists in the `_create_model_version()` function within `server/handlers.py` of the mlflow/mlflow repository, due to improper validation of the `source` parameter. Attackers can exploit this vulnerability by crafting a `source` parameter that…
- CVE-2024-1594Apr 16, 2024risk 0.00cvss —epss 0.01
A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the `artifact_location` parameter when creating an experiment. Attackers can exploit this vulnerability by using a fragment component `#` in the artifact location URI to…
- CVE-2024-1593Apr 16, 2024risk 0.00cvss —epss 0.01
A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files…
- CVE-2024-1560Apr 16, 2024risk 0.00cvss —epss 0.01
A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the artifact deletion functionality. Attackers can bypass path validation by exploiting the double decoding process in the `_delete_artifact_mlflow_artifacts` handler and…
- CVE-2024-27133Feb 23, 2024risk 0.00cvss —epss 0.01
Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. This issue leads to a client-side RCE when running the recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over dataset table fields.
- CVE-2024-27132Feb 23, 2024risk 0.00cvss —epss 0.01
Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This issue leads to a client-side RCE when running an untrusted recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over template variables.
- CVE-2023-6977Dec 20, 2023risk 0.00cvss —epss 0.04
This vulnerability enables malicious users to read sensitive files on the server.
- CVE-2023-6976Dec 20, 2023risk 0.00cvss —epss 0.01
This vulnerability is capable of writing arbitrary files into arbitrary locations on the remote filesystem in the context of the server process.
- CVE-2023-6975Dec 20, 2023risk 0.00cvss —epss 0.02
A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information.
- CVE-2023-6974Dec 20, 2023risk 0.00cvss —epss 0.02
A malicious user could use this issue to access internal HTTP(s) servers and in the worst case (ie: aws instance) it could be abuse to get a remote code execution on the victim machine.
- CVE-2023-6940Dec 19, 2023risk 0.00cvss —epss 0.01
with only one user interaction(download a malicious config), attackers can gain full command execution on the victim system.
- CVE-2023-6909Dec 18, 2023risk 0.00cvss —epss 0.90
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.
- CVE-2023-6831Dec 15, 2023risk 0.00cvss —epss 0.03
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.
- CVE-2023-6753Dec 13, 2023risk 0.00cvss —epss 0.01
Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2.
- CVE-2023-6709Dec 12, 2023risk 0.00cvss —epss 0.01
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository mlflow/mlflow prior to 2.9.2.
- CVE-2023-6568Dec 7, 2023risk 0.00cvss —epss 0.02
A reflected Cross-Site Scripting (XSS) vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the Content-Type header in POST requests. An attacker can inject malicious JavaScript code into the Content-Type header, which is then improperly…
- CVE-2023-6014Nov 16, 2023risk 0.00cvss —epss 0.01
An attacker is able to arbitrarily create an account in MLflow bypassing any authentication requirment.
- CVE-2023-6015Nov 16, 2023risk 0.00cvss —epss 0.04
MLflow allowed arbitrary files to be PUT onto the server.
- CVE-2023-6018Nov 16, 2023risk 0.00cvss —epss 0.48
An attacker can overwrite any file on the server hosting MLflow without any authentication.
- CVE-2023-4033Aug 1, 2023risk 0.00cvss —epss 0.01
OS Command Injection in GitHub repository mlflow/mlflow prior to 2.6.0.
- CVE-2023-3765Jul 19, 2023risk 0.00cvss —epss 0.71
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0.
- CVE-2023-2780May 17, 2023risk 0.00cvss —epss 0.06
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1.
- CVE-2023-2356Apr 28, 2023risk 0.00cvss —epss 0.04
Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1.
- CVE-2023-1176Mar 24, 2023risk 0.00cvss —epss 0.01
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2.
- CVE-2023-1177Mar 24, 2023risk 0.00cvss —epss 0.69
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.
- CVE-2022-0736Feb 23, 2022risk 0.00cvss —epss 0.02
Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1.
Page 2 of 2