Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

MLflow — Vulnerabilities & Security Advisories 61

Browse all 61 CVE security advisories affecting MLflow. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by MLflow:mlflow/mlflowMLflow
CVE IDTitleCVSSSeverityPublished
CVE-2024-37054 MLflow 安全漏洞 — MLflowCWE-502 8.8 High2024-06-04
CVE-2024-37053 Mlflow 安全漏洞 — MLflowCWE-502 8.8 High2024-06-04
CVE-2024-37052 Mlflow 安全漏洞 — MLflowCWE-502 8.8 High2024-06-04
CVE-2024-4263 Improper Access Control in mlflow/mlflow — mlflow/mlflowCWE-284 8.1AIHighAI2024-05-16
CVE-2024-3848 Path Traversal Bypass in mlflow/mlflow — mlflow/mlflowCWE-29 7.5AIHighAI2024-05-16
CVE-2024-3573 Local File Inclusion (LFI) via Scheme Confusion in mlflow/mlflow — mlflow/mlflowCWE-29 7.5 -2024-04-16
CVE-2024-1594 Local File Read via Path Traversal in mlflow/mlflow — mlflow/mlflowCWE-22 7.5 -2024-04-16
CVE-2024-1558 Path Traversal Vulnerability in mlflow/mlflow — mlflow/mlflowCWE-22 6.5 -2024-04-16
CVE-2024-1593 Path Traversal via Parameter Smuggling in mlflow/mlflow — mlflow/mlflowCWE-22 9.1 -2024-04-16
CVE-2024-1560 Path Traversal Vulnerability in mlflow/mlflow — mlflow/mlflowCWE-22 7.5 -2024-04-16
CVE-2024-1483 Path Traversal Vulnerability in mlflow/mlflow — mlflow/mlflowCWE-22 7.5 -2024-04-16
CVE-2023-6977 Path Traversal: '\..\filename' — mlflow/mlflowCWE-29 6.5 -2023-12-20
CVE-2023-6976 Unrestricted Upload of File with Dangerous Type — mlflow/mlflowCWE-434 9.1 -2023-12-20
CVE-2023-6975 Path Traversal: '\..\filename' — mlflow/mlflowCWE-29 8.1 -2023-12-20
CVE-2023-6974 Server-Side Request Forgery (SSRF) — mlflow/mlflowCWE-918 9.8 -2023-12-20
CVE-2023-6940 Command Injection — mlflow/mlflowCWE-77 8.8 -2023-12-19
CVE-2023-6909 Path Traversal: '\..\filename' in mlflow/mlflow — mlflow/mlflowCWE-29 8.1AIHighAI2023-12-18
CVE-2023-6831 Path Traversal: '\..\filename' in mlflow/mlflow — mlflow/mlflowCWE-29 8.1 -2023-12-15
CVE-2023-6753 Path Traversal in mlflow/mlflow — mlflow/mlflowCWE-22 8.1AIHighAI2023-12-13
CVE-2023-6709 Improper Neutralization of Special Elements Used in a Template Engine in mlflow/mlflow — mlflow/mlflowCWE-1336 9.4AICriticalAI2023-12-12
CVE-2023-6568 Reflected XSS via Content-Type Header in mlflow/mlflow — mlflow/mlflowCWE-79 6.1 -2023-12-07
CVE-2023-6014 MLflow Authentication Bypass — mlflow/mlflowCWE-598 7.5 -2023-11-16
CVE-2023-6015 MLflow Arbitrary File Upload — mlflow/mlflowCWE-22 9.8 -2023-11-16
CVE-2023-6018 MLflow Arbitrary File Write — mlflow/mlflowCWE-78 9.1 -2023-11-16
CVE-2023-4033 OS Command Injection in mlflow/mlflow — mlflow/mlflowCWE-78 7.2 -2023-08-01
CVE-2023-3765 Absolute Path Traversal in mlflow/mlflow — mlflow/mlflowCWE-36 4.3 -2023-07-19
CVE-2023-2780 Path Traversal: '\..\filename' in mlflow/mlflow — mlflow/mlflowCWE-29 8.1 -2023-05-17
CVE-2023-2356 Relative Path Traversal in mlflow/mlflow — mlflow/mlflowCWE-23 7.7 -2023-04-28
CVE-2023-1177 Path Traversal: '\..\filename' in mlflow/mlflow — mlflow/mlflowCWE-29 9.3 Critical2023-03-24
CVE-2023-1176 Absolute Path Traversal in mlflow/mlflow — mlflow/mlflowCWE-36 7.1 -2023-03-24

This page lists every published CVE security advisory associated with MLflow. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.