Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/mlflow@2.9.0
Typepypi
Namespace
Namemlflow
Version2.9.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.11.0rc0
Latest_non_vulnerable_version3.11.0rc0
Affected_by_vulnerabilities
0
url VCID-7m3u-tyeh-rqgz
vulnerability_id VCID-7m3u-tyeh-rqgz
summary A broken access control vulnerability exists in mlflow/mlflow versions before 2.10.1, where low privilege users with only EDIT permissions on an experiment can delete any artifacts. This issue arises due to the lack of proper validation for DELETE requests by users with EDIT permissions, allowing them to perform unauthorized deletions of artifacts. The vulnerability specifically affects the handling of artifact deletions within the application, as demonstrated by the ability of a low privilege user to delete a directory inside an artifact using a DELETE request, despite the official documentation stating that users with EDIT permission can only read and update artifacts, not delete them.
references
0
reference_url https://github.com/mlflow/mlflow/commit/b43e0e3de5b500554e13dc032ba2083b2d6c94b8
reference_id
reference_type
scores
url https://github.com/mlflow/mlflow/commit/b43e0e3de5b500554e13dc032ba2083b2d6c94b8
1
reference_url https://huntr.com/bounties/bfa116d3-2af8-4c4a-ac34-ccde7491ae11
reference_id
reference_type
scores
url https://huntr.com/bounties/bfa116d3-2af8-4c4a-ac34-ccde7491ae11
fixed_packages
0
url pkg:pypi/mlflow@2.10.1
purl pkg:pypi/mlflow@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cu1t-7wnm-y7hk
1
vulnerability VCID-g9p5-4cqv-qfew
2
vulnerability VCID-hz26-bm34-gkfx
3
vulnerability VCID-jbuf-3rr2-5kcv
4
vulnerability VCID-pzmb-xzk9-s7dy
5
vulnerability VCID-rcqb-2498-77e2
6
vulnerability VCID-syg7-c85s-4ufu
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.10.1
aliases CVE-2024-4263, PYSEC-2024-51
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7m3u-tyeh-rqgz
1
url VCID-93v9-5y4m-t7dz
vulnerability_id VCID-93v9-5y4m-t7dz
summary A reflected Cross-Site Scripting (XSS) vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the Content-Type header in POST requests. An attacker can inject malicious JavaScript code into the Content-Type header, which is then improperly reflected back to the user without adequate sanitization or escaping, leading to arbitrary JavaScript execution in the context of the victim's browser. The vulnerability is present in the mlflow/server/auth/__init__.py file, where the user-supplied Content-Type header is directly injected into a Python formatted string and returned to the user, facilitating the XSS attack.
references
0
reference_url https://github.com/mlflow/mlflow/commit/28ff3f94994941e038f2172c6484b65dc4db6ca1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://github.com/mlflow/mlflow/commit/28ff3f94994941e038f2172c6484b65dc4db6ca1
1
reference_url https://huntr.com/bounties/816bdaaa-8153-4732-951e-b0d92fddf709
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://huntr.com/bounties/816bdaaa-8153-4732-951e-b0d92fddf709
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-6568
reference_id CVE-2023-6568
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-6568
3
reference_url https://github.com/advisories/GHSA-vwhf-3v6x-wff8
reference_id GHSA-vwhf-3v6x-wff8
reference_type
scores
url https://github.com/advisories/GHSA-vwhf-3v6x-wff8
fixed_packages
0
url pkg:pypi/mlflow@2.9.1
purl pkg:pypi/mlflow@2.9.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7m3u-tyeh-rqgz
1
vulnerability VCID-cu1t-7wnm-y7hk
2
vulnerability VCID-deyg-v3z9-6fet
3
vulnerability VCID-ep2z-9m6r-6ubu
4
vulnerability VCID-g9p5-4cqv-qfew
5
vulnerability VCID-hz26-bm34-gkfx
6
vulnerability VCID-j3ax-7a88-f7ff
7
vulnerability VCID-jbuf-3rr2-5kcv
8
vulnerability VCID-ns8z-pwe6-vbby
9
vulnerability VCID-pzmb-xzk9-s7dy
10
vulnerability VCID-rcqb-2498-77e2
11
vulnerability VCID-s76e-s9ut-2bdq
12
vulnerability VCID-saca-pg4n-xucu
13
vulnerability VCID-syg7-c85s-4ufu
14
vulnerability VCID-vd8p-48kf-yyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.9.1
aliases CVE-2023-6568, GHSA-vwhf-3v6x-wff8, PYSEC-2023-260
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-93v9-5y4m-t7dz
2
url VCID-cu1t-7wnm-y7hk
vulnerability_id VCID-cu1t-7wnm-y7hk
summary 
MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to access.

 
This issue affects MLflow version through 3.10.1
references
0
reference_url https://afine.com/blogs/attacking-mlflow-how-ml-artifacts-become-attack-vectors
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://afine.com/blogs/attacking-mlflow-how-ml-artifacts-become-attack-vectors
1
reference_url https://cert.pl/en/posts/2026/04/CVE-2026-33865/
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://cert.pl/en/posts/2026/04/CVE-2026-33865/
2
reference_url https://github.com/mlflow/mlflow/pull/21708
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://github.com/mlflow/mlflow/pull/21708
fixed_packages
0
url pkg:pypi/mlflow@3.11.0rc0
purl pkg:pypi/mlflow@3.11.0rc0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.11.0rc0
aliases CVE-2026-33866, PYSEC-2026-94
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cu1t-7wnm-y7hk
3
url VCID-deyg-v3z9-6fet
vulnerability_id VCID-deyg-v3z9-6fet
summary 
Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe.

This issue leads to a client-side RCE when running an untrusted recipe in Jupyter Notebook.

The vulnerability stems from lack of sanitization over template variables.
references
0
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
url https://github.com/mlflow/mlflow
1
reference_url https://github.com/mlflow/mlflow/pull/10873
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://github.com/mlflow/mlflow/pull/10873
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2024-240.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2024-240.yaml
3
reference_url https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930
reference_id
reference_type
scores
url https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930
4
reference_url https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-27132
reference_id CVE-2024-27132
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2024-27132
6
reference_url https://github.com/advisories/GHSA-6749-m5cp-6cg7
reference_id GHSA-6749-m5cp-6cg7
reference_type
scores
url https://github.com/advisories/GHSA-6749-m5cp-6cg7
fixed_packages
0
url pkg:pypi/mlflow@2.10.0
purl pkg:pypi/mlflow@2.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7m3u-tyeh-rqgz
1
vulnerability VCID-cu1t-7wnm-y7hk
2
vulnerability VCID-g9p5-4cqv-qfew
3
vulnerability VCID-hz26-bm34-gkfx
4
vulnerability VCID-jbuf-3rr2-5kcv
5
vulnerability VCID-pzmb-xzk9-s7dy
6
vulnerability VCID-rcqb-2498-77e2
7
vulnerability VCID-syg7-c85s-4ufu
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.10.0
aliases CVE-2024-27132, GHSA-6749-m5cp-6cg7, PYSEC-2024-240
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-deyg-v3z9-6fet
4
url VCID-ep2z-9m6r-6ubu
vulnerability_id VCID-ep2z-9m6r-6ubu
summary Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository mlflow/mlflow prior to 2.9.2.
references
0
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
url https://github.com/mlflow/mlflow
1
reference_url https://github.com/mlflow/mlflow/commit/432b8ccf27fd3a76df4ba79bb1bec62118a85625
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://github.com/mlflow/mlflow/commit/432b8ccf27fd3a76df4ba79bb1bec62118a85625
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2023-281.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2023-281.yaml
3
reference_url https://huntr.com/bounties/9e4cc07b-6fff-421b-89bd-9445ef61d34d
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://huntr.com/bounties/9e4cc07b-6fff-421b-89bd-9445ef61d34d
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-6709
reference_id CVE-2023-6709
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-6709
5
reference_url https://github.com/advisories/GHSA-cxfr-5q3r-2rc2
reference_id GHSA-cxfr-5q3r-2rc2
reference_type
scores
url https://github.com/advisories/GHSA-cxfr-5q3r-2rc2
fixed_packages
0
url pkg:pypi/mlflow@2.9.2
purl pkg:pypi/mlflow@2.9.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22x6-fafr-y3db
1
vulnerability VCID-7m3u-tyeh-rqgz
2
vulnerability VCID-cu1t-7wnm-y7hk
3
vulnerability VCID-deyg-v3z9-6fet
4
vulnerability VCID-fsds-g6hy-jud8
5
vulnerability VCID-g9p5-4cqv-qfew
6
vulnerability VCID-hz26-bm34-gkfx
7
vulnerability VCID-j3ax-7a88-f7ff
8
vulnerability VCID-jbuf-3rr2-5kcv
9
vulnerability VCID-kx8z-7c3y-kkb5
10
vulnerability VCID-pzmb-xzk9-s7dy
11
vulnerability VCID-rcqb-2498-77e2
12
vulnerability VCID-syg7-c85s-4ufu
13
vulnerability VCID-vd8p-48kf-yyg6
14
vulnerability VCID-wdb6-4eqr-myd2
15
vulnerability VCID-yseh-dp68-wkfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.9.2
aliases CVE-2023-6709, GHSA-cxfr-5q3r-2rc2, PYSEC-2023-281
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ep2z-9m6r-6ubu
5
url VCID-g9p5-4cqv-qfew
vulnerability_id VCID-g9p5-4cqv-qfew
summary 
MLflow is vulnerable to Stored Cross-Site Scripting (XSS) caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when another user views the artifact in the UI. This allows actions such as session hijacking or performing operations on behalf of the victim. 

This issue affects MLflow version through 3.10.1
references
0
reference_url https://afine.com/blogs/attacking-mlflow-how-ml-artifacts-become-attack-vectors
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
url https://afine.com/blogs/attacking-mlflow-how-ml-artifacts-become-attack-vectors
1
reference_url https://cert.pl/en/posts/2026/04/CVE-2026-33865/
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
url https://cert.pl/en/posts/2026/04/CVE-2026-33865/
2
reference_url https://github.com/mlflow/mlflow/pull/21435
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
url https://github.com/mlflow/mlflow/pull/21435
fixed_packages
0
url pkg:pypi/mlflow@3.11.0rc0
purl pkg:pypi/mlflow@3.11.0rc0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.11.0rc0
aliases CVE-2026-33865, PYSEC-2026-93
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g9p5-4cqv-qfew
6
url VCID-hz26-bm34-gkfx
vulnerability_id VCID-hz26-bm34-gkfx
summary In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. This vulnerability could lead to security risks, as accounts without passwords may be susceptible to unauthorized access. Additionally, this issue violates best practices for secure user account management. The issue is fixed in version 2.19.0.
references
0
reference_url https://github.com/mlflow/mlflow/commit/149c9e18aa219bc47e86b432e130e467a36f4a17
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
url https://github.com/mlflow/mlflow/commit/149c9e18aa219bc47e86b432e130e467a36f4a17
1
reference_url https://huntr.com/bounties/e79f7774-10fe-46b2-b522-e73b748e3b2d
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
url https://huntr.com/bounties/e79f7774-10fe-46b2-b522-e73b748e3b2d
fixed_packages
0
url pkg:pypi/mlflow@2.19.0
purl pkg:pypi/mlflow@2.19.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cu1t-7wnm-y7hk
1
vulnerability VCID-g9p5-4cqv-qfew
2
vulnerability VCID-rcqb-2498-77e2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.19.0
aliases CVE-2025-1474, PYSEC-2025-17
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hz26-bm34-gkfx
7
url VCID-j3ax-7a88-f7ff
vulnerability_id VCID-j3ax-7a88-f7ff
summary Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. This issue leads to a client-side RCE when running the recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over dataset table fields.
references
0
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
url https://github.com/mlflow/mlflow
1
reference_url https://github.com/mlflow/mlflow/commit/c43823750bffa5b6abcc086683b15a068513b67b
reference_id
reference_type
scores
url https://github.com/mlflow/mlflow/commit/c43823750bffa5b6abcc086683b15a068513b67b
2
reference_url https://github.com/mlflow/mlflow/commit/cfa71879a884cc3520e23ccab998c9aa78fdf2b1
reference_id
reference_type
scores
url https://github.com/mlflow/mlflow/commit/cfa71879a884cc3520e23ccab998c9aa78fdf2b1
3
reference_url https://github.com/mlflow/mlflow/pull/10893
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://github.com/mlflow/mlflow/pull/10893
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2024-241.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2024-241.yaml
5
reference_url https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932
reference_id
reference_type
scores
url https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932
6
reference_url https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-27133
reference_id CVE-2024-27133
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2024-27133
8
reference_url https://github.com/advisories/GHSA-3v79-q7ph-j75h
reference_id GHSA-3v79-q7ph-j75h
reference_type
scores
url https://github.com/advisories/GHSA-3v79-q7ph-j75h
fixed_packages
0
url pkg:pypi/mlflow@2.10.0
purl pkg:pypi/mlflow@2.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7m3u-tyeh-rqgz
1
vulnerability VCID-cu1t-7wnm-y7hk
2
vulnerability VCID-g9p5-4cqv-qfew
3
vulnerability VCID-hz26-bm34-gkfx
4
vulnerability VCID-jbuf-3rr2-5kcv
5
vulnerability VCID-pzmb-xzk9-s7dy
6
vulnerability VCID-rcqb-2498-77e2
7
vulnerability VCID-syg7-c85s-4ufu
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.10.0
aliases CVE-2024-27133, GHSA-3v79-q7ph-j75h, PYSEC-2024-241
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j3ax-7a88-f7ff
8
url VCID-jbuf-3rr2-5kcv
vulnerability_id VCID-jbuf-3rr2-5kcv
summary A Local File Inclusion (LFI) vulnerability was identified in mlflow/mlflow, specifically in version 2.9.2, which was fixed in version 2.11.3. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../'. An attacker can exploit this flaw by manipulating the fragment part of the URI to read arbitrary files on the local file system, including sensitive files like '/etc/passwd'. The vulnerability is a bypass to a previous patch that only addressed similar manipulation within the URI's query string, highlighting the need for comprehensive validation of all parts of a URI to prevent LFI attacks.
references
0
reference_url https://github.com/mlflow/mlflow/commit/96f0b573a73d8eedd6735a2ce26e08859527be07
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://github.com/mlflow/mlflow/commit/96f0b573a73d8eedd6735a2ce26e08859527be07
1
reference_url https://huntr.com/bounties/19bf02d7-6393-4a95-b9d0-d6d4d2d8c298
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://huntr.com/bounties/19bf02d7-6393-4a95-b9d0-d6d4d2d8c298
fixed_packages
0
url pkg:pypi/mlflow@2.11.3
purl pkg:pypi/mlflow@2.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cu1t-7wnm-y7hk
1
vulnerability VCID-g9p5-4cqv-qfew
2
vulnerability VCID-hz26-bm34-gkfx
3
vulnerability VCID-pzmb-xzk9-s7dy
4
vulnerability VCID-rcqb-2498-77e2
5
vulnerability VCID-syg7-c85s-4ufu
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.11.3
aliases CVE-2024-2928, PYSEC-2024-242
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jbuf-3rr2-5kcv
9
url VCID-ns8z-pwe6-vbby
vulnerability_id VCID-ns8z-pwe6-vbby
summary Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.
references
0
reference_url https://github.com/mlflow/mlflow/commit/1da75dfcecd4d169e34809ade55748384e8af6c1
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://github.com/mlflow/mlflow/commit/1da75dfcecd4d169e34809ade55748384e8af6c1
1
reference_url https://huntr.com/bounties/0acdd745-0167-4912-9d5c-02035fe5b314
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://huntr.com/bounties/0acdd745-0167-4912-9d5c-02035fe5b314
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-6831
reference_id CVE-2023-6831
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-6831
3
reference_url https://github.com/advisories/GHSA-554w-xh4j-8w64
reference_id GHSA-554w-xh4j-8w64
reference_type
scores
url https://github.com/advisories/GHSA-554w-xh4j-8w64
fixed_packages
0
url pkg:pypi/mlflow@2.9.2
purl pkg:pypi/mlflow@2.9.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22x6-fafr-y3db
1
vulnerability VCID-7m3u-tyeh-rqgz
2
vulnerability VCID-cu1t-7wnm-y7hk
3
vulnerability VCID-deyg-v3z9-6fet
4
vulnerability VCID-fsds-g6hy-jud8
5
vulnerability VCID-g9p5-4cqv-qfew
6
vulnerability VCID-hz26-bm34-gkfx
7
vulnerability VCID-j3ax-7a88-f7ff
8
vulnerability VCID-jbuf-3rr2-5kcv
9
vulnerability VCID-kx8z-7c3y-kkb5
10
vulnerability VCID-pzmb-xzk9-s7dy
11
vulnerability VCID-rcqb-2498-77e2
12
vulnerability VCID-syg7-c85s-4ufu
13
vulnerability VCID-vd8p-48kf-yyg6
14
vulnerability VCID-wdb6-4eqr-myd2
15
vulnerability VCID-yseh-dp68-wkfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.9.2
aliases CVE-2023-6831, GHSA-554w-xh4j-8w64, PYSEC-2023-253
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ns8z-pwe6-vbby
10
url VCID-pzmb-xzk9-s7dy
vulnerability_id VCID-pzmb-xzk9-s7dy
summary A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a bypass for the previously addressed CVE-2023-6909. The vulnerability arises from the application's handling of artifact URLs, where a '#' character can be used to insert a path into the fragment, effectively skipping validation. This allows an attacker to construct a URL that, when processed, ignores the protocol scheme and uses the provided path for filesystem access. As a result, an attacker can read arbitrary files, including sensitive information such as SSH and cloud keys, by exploiting the way the application converts the URL into a filesystem path. The issue stems from insufficient validation of the fragment portion of the URL, leading to arbitrary file read through path traversal.
references
0
reference_url https://github.com/mlflow/mlflow/commit/f8d51e21523238280ebcfdb378612afd7844eca8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://github.com/mlflow/mlflow/commit/f8d51e21523238280ebcfdb378612afd7844eca8
1
reference_url https://huntr.com/bounties/8d5aadaa-522f-4839-b41b-d7da362dd610
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://huntr.com/bounties/8d5aadaa-522f-4839-b41b-d7da362dd610
fixed_packages
0
url pkg:pypi/mlflow@2.12.1
purl pkg:pypi/mlflow@2.12.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cu1t-7wnm-y7hk
1
vulnerability VCID-g9p5-4cqv-qfew
2
vulnerability VCID-hz26-bm34-gkfx
3
vulnerability VCID-rcqb-2498-77e2
4
vulnerability VCID-syg7-c85s-4ufu
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.12.1
aliases CVE-2024-3848, PYSEC-2024-244
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pzmb-xzk9-s7dy
11
url VCID-rcqb-2498-77e2
vulnerability_id VCID-rcqb-2498-77e2
summary gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation.
references
0
reference_url https://github.com/mlflow/mlflow/issues/15944
reference_id
reference_type
scores
url https://github.com/mlflow/mlflow/issues/15944
1
reference_url https://github.com/mlflow/mlflow/pull/15970
reference_id
reference_type
scores
url https://github.com/mlflow/mlflow/pull/15970
2
reference_url https://github.com/mlflow/mlflow/releases/tag/v3.1.0
reference_id
reference_type
scores
url https://github.com/mlflow/mlflow/releases/tag/v3.1.0
fixed_packages
0
url pkg:pypi/mlflow@3.1.0
purl pkg:pypi/mlflow@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cu1t-7wnm-y7hk
1
vulnerability VCID-g9p5-4cqv-qfew
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@3.1.0
aliases CVE-2025-52967, PYSEC-2025-52
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rcqb-2498-77e2
12
url VCID-s76e-s9ut-2bdq
vulnerability_id VCID-s76e-s9ut-2bdq
summary Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.
references
0
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
url https://github.com/mlflow/mlflow
1
reference_url https://github.com/mlflow/mlflow/commit/1da75dfcecd4d169e34809ade55748384e8af6c1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://github.com/mlflow/mlflow/commit/1da75dfcecd4d169e34809ade55748384e8af6c1
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2023-252.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2023-252.yaml
3
reference_url https://huntr.com/bounties/11209efb-0f84-482f-add0-587ea6b7e850
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://huntr.com/bounties/11209efb-0f84-482f-add0-587ea6b7e850
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-6909
reference_id CVE-2023-6909
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-6909
5
reference_url https://github.com/advisories/GHSA-5r3q-93q3-f978
reference_id GHSA-5r3q-93q3-f978
reference_type
scores
url https://github.com/advisories/GHSA-5r3q-93q3-f978
fixed_packages
0
url pkg:pypi/mlflow@2.9.2
purl pkg:pypi/mlflow@2.9.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22x6-fafr-y3db
1
vulnerability VCID-7m3u-tyeh-rqgz
2
vulnerability VCID-cu1t-7wnm-y7hk
3
vulnerability VCID-deyg-v3z9-6fet
4
vulnerability VCID-fsds-g6hy-jud8
5
vulnerability VCID-g9p5-4cqv-qfew
6
vulnerability VCID-hz26-bm34-gkfx
7
vulnerability VCID-j3ax-7a88-f7ff
8
vulnerability VCID-jbuf-3rr2-5kcv
9
vulnerability VCID-kx8z-7c3y-kkb5
10
vulnerability VCID-pzmb-xzk9-s7dy
11
vulnerability VCID-rcqb-2498-77e2
12
vulnerability VCID-syg7-c85s-4ufu
13
vulnerability VCID-vd8p-48kf-yyg6
14
vulnerability VCID-wdb6-4eqr-myd2
15
vulnerability VCID-yseh-dp68-wkfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.9.2
aliases CVE-2023-6909, GHSA-5r3q-93q3-f978, PYSEC-2023-252
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s76e-s9ut-2bdq
13
url VCID-saca-pg4n-xucu
vulnerability_id VCID-saca-pg4n-xucu
summary Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2.
references
0
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
url https://github.com/mlflow/mlflow
1
reference_url https://github.com/mlflow/mlflow/commit/1c6309f884798fbf56017a3cc808016869ee8de4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://github.com/mlflow/mlflow/commit/1c6309f884798fbf56017a3cc808016869ee8de4
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2023-309.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2023-309.yaml
3
reference_url https://huntr.com/bounties/b397b83a-527a-47e7-b912-a12a17a6cfb4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://huntr.com/bounties/b397b83a-527a-47e7-b912-a12a17a6cfb4
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-6753
reference_id CVE-2023-6753
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-6753
5
reference_url https://github.com/advisories/GHSA-v945-r3rc-6fjm
reference_id GHSA-v945-r3rc-6fjm
reference_type
scores
url https://github.com/advisories/GHSA-v945-r3rc-6fjm
fixed_packages
0
url pkg:pypi/mlflow@2.9.2
purl pkg:pypi/mlflow@2.9.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22x6-fafr-y3db
1
vulnerability VCID-7m3u-tyeh-rqgz
2
vulnerability VCID-cu1t-7wnm-y7hk
3
vulnerability VCID-deyg-v3z9-6fet
4
vulnerability VCID-fsds-g6hy-jud8
5
vulnerability VCID-g9p5-4cqv-qfew
6
vulnerability VCID-hz26-bm34-gkfx
7
vulnerability VCID-j3ax-7a88-f7ff
8
vulnerability VCID-jbuf-3rr2-5kcv
9
vulnerability VCID-kx8z-7c3y-kkb5
10
vulnerability VCID-pzmb-xzk9-s7dy
11
vulnerability VCID-rcqb-2498-77e2
12
vulnerability VCID-syg7-c85s-4ufu
13
vulnerability VCID-vd8p-48kf-yyg6
14
vulnerability VCID-wdb6-4eqr-myd2
15
vulnerability VCID-yseh-dp68-wkfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.9.2
aliases CVE-2023-6753, GHSA-v945-r3rc-6fjm, PYSEC-2023-309
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-saca-pg4n-xucu
14
url VCID-syg7-c85s-4ufu
vulnerability_id VCID-syg7-c85s-4ufu
summary Excessive directory permissions in MLflow leads to local privilege escalation when using spark_udf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when the spark_udf() MLflow API is called.
references
0
reference_url https://github.com/mlflow/mlflow/pull/10874
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://github.com/mlflow/mlflow/pull/10874
fixed_packages
0
url pkg:pypi/mlflow@2.16.0
purl pkg:pypi/mlflow@2.16.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cu1t-7wnm-y7hk
1
vulnerability VCID-g9p5-4cqv-qfew
2
vulnerability VCID-hz26-bm34-gkfx
3
vulnerability VCID-rcqb-2498-77e2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.16.0
aliases CVE-2024-27134, PYSEC-2024-224
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-syg7-c85s-4ufu
15
url VCID-vd8p-48kf-yyg6
vulnerability_id VCID-vd8p-48kf-yyg6
summary mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'is_local_uri' function's failure to properly handle URIs with empty or 'file' schemes, leading to the misclassification of URIs as non-local. Attackers can exploit this by crafting malicious model versions with specially crafted 'source' parameters, enabling the reading of sensitive files within at least two directory levels from the server's root.
references
0
reference_url https://github.com/mlflow/mlflow
reference_id
reference_type
scores
url https://github.com/mlflow/mlflow
1
reference_url https://github.com/mlflow/mlflow/commit/438a450714a3ca06285eeea34bdc6cf79d7f6cbc
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
url https://github.com/mlflow/mlflow/commit/438a450714a3ca06285eeea34bdc6cf79d7f6cbc
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2024-243.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2024-243.yaml
3
reference_url https://huntr.com/bounties/8ea058a7-4ef8-4baf-9198-bc0147fc543c
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
url https://huntr.com/bounties/8ea058a7-4ef8-4baf-9198-bc0147fc543c
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-3573
reference_id CVE-2024-3573
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2024-3573
5
reference_url https://github.com/advisories/GHSA-hq88-wg7q-gp4g
reference_id GHSA-hq88-wg7q-gp4g
reference_type
scores
url https://github.com/advisories/GHSA-hq88-wg7q-gp4g
fixed_packages
0
url pkg:pypi/mlflow@2.10.0
purl pkg:pypi/mlflow@2.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7m3u-tyeh-rqgz
1
vulnerability VCID-cu1t-7wnm-y7hk
2
vulnerability VCID-g9p5-4cqv-qfew
3
vulnerability VCID-hz26-bm34-gkfx
4
vulnerability VCID-jbuf-3rr2-5kcv
5
vulnerability VCID-pzmb-xzk9-s7dy
6
vulnerability VCID-rcqb-2498-77e2
7
vulnerability VCID-syg7-c85s-4ufu
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.10.0
aliases CVE-2024-3573, GHSA-hq88-wg7q-gp4g, PYSEC-2024-243
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vd8p-48kf-yyg6
Fixing_vulnerabilities
0
url VCID-93v9-5y4m-t7dz
vulnerability_id VCID-93v9-5y4m-t7dz
summary A reflected Cross-Site Scripting (XSS) vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the Content-Type header in POST requests. An attacker can inject malicious JavaScript code into the Content-Type header, which is then improperly reflected back to the user without adequate sanitization or escaping, leading to arbitrary JavaScript execution in the context of the victim's browser. The vulnerability is present in the mlflow/server/auth/__init__.py file, where the user-supplied Content-Type header is directly injected into a Python formatted string and returned to the user, facilitating the XSS attack.
references
0
reference_url https://github.com/mlflow/mlflow/commit/28ff3f94994941e038f2172c6484b65dc4db6ca1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://github.com/mlflow/mlflow/commit/28ff3f94994941e038f2172c6484b65dc4db6ca1
1
reference_url https://huntr.com/bounties/816bdaaa-8153-4732-951e-b0d92fddf709
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://huntr.com/bounties/816bdaaa-8153-4732-951e-b0d92fddf709
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-6568
reference_id CVE-2023-6568
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-6568
3
reference_url https://github.com/advisories/GHSA-vwhf-3v6x-wff8
reference_id GHSA-vwhf-3v6x-wff8
reference_type
scores
url https://github.com/advisories/GHSA-vwhf-3v6x-wff8
fixed_packages
0
url pkg:pypi/mlflow@2.9.0
purl pkg:pypi/mlflow@2.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7m3u-tyeh-rqgz
1
vulnerability VCID-93v9-5y4m-t7dz
2
vulnerability VCID-cu1t-7wnm-y7hk
3
vulnerability VCID-deyg-v3z9-6fet
4
vulnerability VCID-ep2z-9m6r-6ubu
5
vulnerability VCID-g9p5-4cqv-qfew
6
vulnerability VCID-hz26-bm34-gkfx
7
vulnerability VCID-j3ax-7a88-f7ff
8
vulnerability VCID-jbuf-3rr2-5kcv
9
vulnerability VCID-ns8z-pwe6-vbby
10
vulnerability VCID-pzmb-xzk9-s7dy
11
vulnerability VCID-rcqb-2498-77e2
12
vulnerability VCID-s76e-s9ut-2bdq
13
vulnerability VCID-saca-pg4n-xucu
14
vulnerability VCID-syg7-c85s-4ufu
15
vulnerability VCID-vd8p-48kf-yyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.9.0
1
url pkg:pypi/mlflow@2.9.1
purl pkg:pypi/mlflow@2.9.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7m3u-tyeh-rqgz
1
vulnerability VCID-cu1t-7wnm-y7hk
2
vulnerability VCID-deyg-v3z9-6fet
3
vulnerability VCID-ep2z-9m6r-6ubu
4
vulnerability VCID-g9p5-4cqv-qfew
5
vulnerability VCID-hz26-bm34-gkfx
6
vulnerability VCID-j3ax-7a88-f7ff
7
vulnerability VCID-jbuf-3rr2-5kcv
8
vulnerability VCID-ns8z-pwe6-vbby
9
vulnerability VCID-pzmb-xzk9-s7dy
10
vulnerability VCID-rcqb-2498-77e2
11
vulnerability VCID-s76e-s9ut-2bdq
12
vulnerability VCID-saca-pg4n-xucu
13
vulnerability VCID-syg7-c85s-4ufu
14
vulnerability VCID-vd8p-48kf-yyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.9.1
aliases CVE-2023-6568, GHSA-vwhf-3v6x-wff8, PYSEC-2023-260
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-93v9-5y4m-t7dz
1
url VCID-c7tc-cv45-d7c2
vulnerability_id VCID-c7tc-cv45-d7c2
summary 
Information exposure in MLflow
An issue in MLFlow versions 2.8.1 and before allows a remote attacker to obtain sensitive information via a crafted request to REST API.
references
0
reference_url https://mlflow.org/news/2023/12/06/2.9.0-release/index.html
reference_id
reference_type
scores
url https://mlflow.org/news/2023/12/06/2.9.0-release/index.html
1
reference_url https://www.contrastsecurity.com/security-influencers/discovering-mlflow-framework-zero-day-vulnerability-machine-language-model-security-contrast-security
reference_id
reference_type
scores
url https://www.contrastsecurity.com/security-influencers/discovering-mlflow-framework-zero-day-vulnerability-machine-language-model-security-contrast-security
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-43472
reference_id CVE-2023-43472
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-43472
3
reference_url https://github.com/advisories/GHSA-wqxf-447m-6f5f
reference_id GHSA-wqxf-447m-6f5f
reference_type
scores
url https://github.com/advisories/GHSA-wqxf-447m-6f5f
fixed_packages
0
url pkg:pypi/mlflow@2.9.0
purl pkg:pypi/mlflow@2.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7m3u-tyeh-rqgz
1
vulnerability VCID-93v9-5y4m-t7dz
2
vulnerability VCID-cu1t-7wnm-y7hk
3
vulnerability VCID-deyg-v3z9-6fet
4
vulnerability VCID-ep2z-9m6r-6ubu
5
vulnerability VCID-g9p5-4cqv-qfew
6
vulnerability VCID-hz26-bm34-gkfx
7
vulnerability VCID-j3ax-7a88-f7ff
8
vulnerability VCID-jbuf-3rr2-5kcv
9
vulnerability VCID-ns8z-pwe6-vbby
10
vulnerability VCID-pzmb-xzk9-s7dy
11
vulnerability VCID-rcqb-2498-77e2
12
vulnerability VCID-s76e-s9ut-2bdq
13
vulnerability VCID-saca-pg4n-xucu
14
vulnerability VCID-syg7-c85s-4ufu
15
vulnerability VCID-vd8p-48kf-yyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.9.0
aliases CVE-2023-43472, GHSA-wqxf-447m-6f5f
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c7tc-cv45-d7c2
2
url VCID-wwe2-hxs5-t7eq
vulnerability_id VCID-wwe2-hxs5-t7eq
summary A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to improper neutralization of special elements used in an OS command ('Command Injection') within the `mlflow.data.http_dataset_source.py` module. Specifically, when loading a dataset from a source URL with an HTTP scheme, the filename extracted from the `Content-Disposition` header or the URL path is used to generate the final file path without proper sanitization. This flaw enables an attacker to control the file path fully by utilizing path traversal or absolute path techniques, such as '../../tmp/poc.txt' or '/tmp/poc.txt', leading to arbitrary file write. Exploiting this vulnerability could allow a malicious user to execute commands on the vulnerable machine, potentially gaining access to data and model information. The issue is fixed in version 2.9.0.
references
0
reference_url https://github.com/mlflow/mlflow/commit/400c226953b4568f4361bc0a0c223511652c2b9d
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://github.com/mlflow/mlflow/commit/400c226953b4568f4361bc0a0c223511652c2b9d
1
reference_url https://huntr.com/bounties/93e470d7-b6f0-409b-af63-49d3e2a26dbc
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://huntr.com/bounties/93e470d7-b6f0-409b-af63-49d3e2a26dbc
fixed_packages
0
url pkg:pypi/mlflow@2.9.0
purl pkg:pypi/mlflow@2.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7m3u-tyeh-rqgz
1
vulnerability VCID-93v9-5y4m-t7dz
2
vulnerability VCID-cu1t-7wnm-y7hk
3
vulnerability VCID-deyg-v3z9-6fet
4
vulnerability VCID-ep2z-9m6r-6ubu
5
vulnerability VCID-g9p5-4cqv-qfew
6
vulnerability VCID-hz26-bm34-gkfx
7
vulnerability VCID-j3ax-7a88-f7ff
8
vulnerability VCID-jbuf-3rr2-5kcv
9
vulnerability VCID-ns8z-pwe6-vbby
10
vulnerability VCID-pzmb-xzk9-s7dy
11
vulnerability VCID-rcqb-2498-77e2
12
vulnerability VCID-s76e-s9ut-2bdq
13
vulnerability VCID-saca-pg4n-xucu
14
vulnerability VCID-syg7-c85s-4ufu
15
vulnerability VCID-vd8p-48kf-yyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.9.0
aliases CVE-2024-0520, PYSEC-2024-239
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wwe2-hxs5-t7eq
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.9.0