Lucene search
+L

7 matches found

vulnersosv
vulnersosv
added 2024/06/04 12:31 p.m.3 views

a2 (>=0.1.0 <=0.3.17), agentos (>=0.0.5 <=0.0.7) +164 more potentially affected by CVE-2024-37061 via mlflow (>=1.11.0 <=2.13.1)

mlflow PYPI version =1.11.0, =0.1.0, =0.0.5, =0.1.2, =1.0.72, =0.0.1, =1.0.72.1, =1.4.0, =0.2.5, =0.1.3, =3.0.0, =0.1.0, =0.3.5, =0.8.0, =1.0.0 and more Source cves: CVE-2024-37061 Source advisory: OSV:GHSA-PQCV-QW2R-R859...

8.8CVSS7.2AI score0.00884EPSS
Exploits1
osv
osv
added 2024/06/04 12:15 p.m.2 views

CVE-2024-37061

Remote Code Execution can occur in versions of the MLflow platform running version 1.11.0 or newer, enabling a maliciously crafted MLproject to execute arbitrary code on an end user’s system when run...

8.8CVSS6.2AI score0.00884EPSS
Exploits1References1
nvd
nvd
added 2024/06/04 12:15 p.m.41 views

CVE-2024-37061

Remote Code Execution can occur in versions of the MLflow platform running version 1.11.0 or newer, enabling a maliciously crafted MLproject to execute arbitrary code on an end user’s system when run...

8.8CVSS9.1AI score0.00884EPSS
Exploits1References1
wolfi
wolfi
added 2024/06/04 12:15 p.m.25 views

CVE-2024-37061 vulnerabilities

Vulnerabilities for packages: mlflow...

8.8CVSS7.2AI score0.00884EPSS
Exploits1
cve
cve
added 2024/06/04 12:2 p.m.280 views

CVE-2024-37061

MLflow CVE-2024-37061 affects MLflow platforms running version 1.11.0 or newer. A maliciously crafted MLproject can trigger remote code execution on an end user’s system when run. Multiple connected sources corroborate RCE related to MLflow projects input handling, including descriptions and advi...

8.8CVSS8.6AI score0.00884EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2024/06/04 12:2 p.m.43 views

CVE-2024-37061

Remote Code Execution can occur in versions of the MLflow platform running version 1.11.0 or newer, enabling a maliciously crafted MLproject to execute arbitrary code on an end user’s system when run...

8.8CVSS9.1AI score0.00884EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2024/06/04 12:2 p.m.20 views

CVE-2024-37061

Remote Code Execution can occur in versions of the MLflow platform running version 1.11.0 or newer, enabling a maliciously crafted MLproject to execute arbitrary code on an end user’s system when run...

8.8CVSS9.1AI score0.00884EPSS
Exploits1References1
Rows per page
Query Builder