mlflow vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2024-27133Criticalmlflow: MLFlow Cross-site Scripting vulnerability leads to client-side Remote Code ExecutionCVE-2024-27132Criticalmlflow: Cross-site Scripting in MLFlowCVE-2023-6975Criticalmlflow: MLFlow Path Traversal VulnerabilityCVE-2023-6977Highmlflow: MLflow Local File Disclosure VulnerabilityCVE-2023-6974Criticalmlflow: MLflow Server-Side Request Forgery (SSRF)CVE-2023-6976Highmlflow: MLflow Path Traversal VulnerabilityCVE-2023-6909Highmlflow: MLflow Path Traversal VulnerabilityCVE-2023-6940Highmlflow: mlflow Command Injection vulnerabilityCVE-2023-6831Criticalmlflow: Path traversal in MLflowCVE-2023-6753Highmlflow: Path traversal in MLflowCVE-2023-6709Highmlflow: Jinja2 template injection in mlflowCVE-2023-6568Mediummlflow: Cross-site Scripting (XSS) in MLflowCVE-2023-43472Highmlflow: Information exposure in MLflowCVE-2023-6014Criticalmlflow: MLflow authentication requirement bypass can allow a user to arbitrarily create an accountCVE-2023-6018Criticalmlflow: Remote Code Execution due to Full Controled File Write in mlflowCVE-2023-6015Criticalmlflow: MLflow allowed arbitrary files to be PUT onto the serverCVE-2023-4033Highmlflow: mlflow vulnerable to OS Command InjectionCVE-2023-3765Criticalmlflow: MLflow Path Traversal vulnerabilityCVE-2023-2780Criticalmlflow: mlflow Path Traversal vulnerabilityCVE-2023-30172Highmlflow: mflow vulnerable to directory traversalGHSA-83FM-W79M-64R5Criticalmlflow: Remote file access vulnerability in `mlflow server` and `mlflow ui` CLIsCVE-2023-2356Highmlflow: Relative path traversal in mlflowCVE-2023-1176Mediummlflow: Remote file existence check vulnerability in `mlflow server` and `mlflow ui` CLIsCVE-2023-1177Criticalmlflow: mlflow is vulnerable to remote file access in `mlflow server` and `mlflow ui` CLIsCVE-2022-0736Highmlflow: Insecure Temporary File in mlflow

Stop the waste.
Protect your environment with Kodem.