Filtered by vendor Lfprojects
Subscriptions
Filtered by product Mlflow
Subscriptions
Total
46 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-6015 | 1 Lfprojects | 1 Mlflow | 2024-11-21 | 7.5 High |
| MLflow allowed arbitrary files to be PUT onto the server. | ||||
| CVE-2023-6014 | 1 Lfprojects | 1 Mlflow | 2024-11-21 | 9.8 Critical |
| An attacker is able to arbitrarily create an account in MLflow bypassing any authentication requirment. | ||||
| CVE-2023-4033 | 2 Lfprojects, Mlflow | 2 Mlflow, Mlflow | 2024-11-21 | 7.8 High |
| OS Command Injection in GitHub repository mlflow/mlflow prior to 2.6.0. | ||||
| CVE-2023-43472 | 1 Lfprojects | 1 Mlflow | 2024-11-21 | 7.5 High |
| An issue in MLFlow versions 2.8.1 and before allows a remote attacker to obtain sensitive information via a crafted request to REST API. | ||||
| CVE-2023-3765 | 2 Lfprojects, Microsoft | 2 Mlflow, Windows | 2024-11-21 | 10.0 Critical |
| Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0. | ||||
| CVE-2022-0736 | 1 Lfprojects | 1 Mlflow | 2024-11-21 | 7.5 High |
| Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1. | ||||