Mlflow Path Traversal Vulnerability (CNVD-2024-35608)

Mlflow is an open source platform for the machine learning lifecycle. Mlflow version 2.9.2 suffers from a path traversal vulnerability that stems from insufficient validation of user-supplied input. An attacker exploiting this vulnerability could access arbitrary files on the server...

Path Traversal

mlflow/mlflow is vulnerable to a Path Traversal. The vulnerability is due to improper validation of the source parameter within handlers.py, allowing attackers to craft a parameter that bypasses checks, leading to arbitrary file read access on the server...

Path Traversal

mlflow is vulnerable to Path Traversal. The vulnerability is due to insufficient validation of user-supplied input in the server's handlers, allowing attackers to access arbitrary files on the server by crafting HTTP POST requests with specially crafted parameters...

Local File Inclusion (LFI)

mlflow is vulnerable to Local File Inclusion LFI. The vulnerability is due to improper parsing of URIs within the function islocaluri in uri.py,, which allows an attackers to read arbitrary files on the system...

Path Traversal

MLflow is vulnerable to a path traversal attack. The vulnerability is due to improper handling of the artifactlocation parameter when creating an experiment, allowing attackers to exploit the fragment component of the URI to read arbitrary files on the server in the context of the server's proces...

Path Traversal

mlflow is vulnerable to a path traversal vulnerability. The vulnerability is due to an extra unquote operation in the deleteartifacts function of localartifactrepo.py, which fails to properly sanitize user-supplied paths. Attackers can exploit the double decoding process in the...

a2 (>=0.1.0 <=0.3.17), agentos (>=0.0.5 <=0.0.7) +149 more potentially affected by CVE-2024-3573 via mlflow (>=0.8.2 <=2.0.1)

mlflow PYPI version =0.8.2, =0.1.0, =0.0.5, =0.1.2, =1.0.18.2, =0.0.1, =1.0.41, =1.4.0, =0.2.5, =3.0.0, =0.1.0, =0.2.0, =0.3.5, =0.8.0, =1.0.0 and more Source cves: CVE-2024-3573 Source advisory: OSV:GHSA-HQ88-WG7Q-GP4G...

GHSA-HQ88-WG7Q-GP4G mlflow vulnerable to Path Traversal

mlflow/mlflow is vulnerable to Local File Inclusion LFI due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'islocaluri' function's failure to properly handle URIs with empty or 'file' schemes, leading to the...

mlflow vulnerable to Path Traversal

mlflow/mlflow is vulnerable to Local File Inclusion LFI due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'islocaluri' function's failure to properly handle URIs with empty or 'file' schemes, leading to the...

a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +345 more potentially affected by CVE-2024-1593 via mlflow (>=0.8.2 <=2.9.2)

mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2024-1593 Source advisory: OSV:GHSA-F42M-MVFV-CGW5...

a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +345 more potentially affected by CVE-2024-1560 via mlflow (>=0.8.2 <=2.9.2)

mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2024-1560 Source advisory: OSV:GHSA-5MVJ-WMGJ-7Q8C...

a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +345 more potentially affected by CVE-2024-1594 via mlflow (>=0.8.2 <=2.9.2)

mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2024-1594 Source advisory: OSV:GHSA-M49C-5C52-6696...

a2 (>=0.1.0 <=0.3.17), agentos (>=0.0.5 <=0.0.7) +163 more potentially affected by CVE-2024-1558 via mlflow (>=0.8.2 <=2.11.3)

mlflow PYPI version =0.8.2, =0.1.0, =0.0.5, =0.1.2, =1.0.18.2, =0.0.1, =1.0.41, =1.4.0, =0.2.5, =3.0.0, =0.1.0, =0.2.0, =0.3.5, =0.8.0, =1.0.0 and more Source cves: CVE-2024-1558 Source advisory: OSV:GHSA-J62R-WXQQ-F3GF...

GHSA-F42M-MVFV-CGW5 mlflow vulnerable to Path Traversal

A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. Th...

GHSA-M49C-5C52-6696 mlflow vulnerable to Path Traversal

A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the artifactlocation parameter when creating an experiment. Attackers can exploit this vulnerability by using a fragment component in the artifact location URI to read arbitrary files on the...

mlflow vulnerable to Path Traversal

A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the artifact deletion functionality. Attackers can bypass path validation by exploiting the double decoding process in the deleteartifactmlflowartifacts handler and localfileuritopath function, allowing for...

mlflow vulnerable to Path Traversal

A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the artifactlocation parameter when creating an experiment. Attackers can exploit this vulnerability by using a fragment component in the artifact location URI to read arbitrary files on the...

mlflow vulnerable to Path Traversal

A path traversal vulnerability exists in the createmodelversion function within server/handlers.py of the mlflow/mlflow repository, due to improper validation of the source parameter. Attackers can exploit this vulnerability by crafting a source parameter that bypasses the...

mlflow vulnerable to Path Traversal

A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. Th...

GHSA-5MVJ-WMGJ-7Q8C mlflow vulnerable to Path Traversal

A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the artifact deletion functionality. Attackers can bypass path validation by exploiting the double decoding process in the deleteartifactmlflowartifacts handler and localfileuritopath function, allowing for...