Lucene search
K

1265 matches found

Nuclei
Nuclei
added yesterday67 views

Mlflow < 2.11.0 - Path Traversal

A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a bypass for the previously addressed CVE-2023-6909. The vulnerability arises from the application's handling of artifact URLs, where a '' character can be used to insert a path into the fragment, effectively...

7.5CVSS7AI score0.43284EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday86 views

mlflow - Path Traversal

Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. id: CVE-2023-6831 info: name: mlflow - Path Traversal author: byObin severity: high description: | Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. impact: | Authenticated attackers...

8.1CVSS7AI score0.0329EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday87 views

Mlflow <2.2.1 - Local File Inclusion

Mlflow before 2.2.1 is susceptible to local file inclusion due to path traversal ..\filename in GitHub repository mlflow/mlflow. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id:...

9.8CVSS7.1AI score0.69468EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday44 views

Mlflow - Cross-Site Scripting

The vulnerability allows an attacker to inject malicious code into the Content-Type header of a POST request, which is then reflected back to the user without proper sanitization or escaping. id: CVE-2023-6568 info: name: Mlflow - Cross-Site Scripting author: ritikchaddha severity: medium...

6.5CVSS6.6AI score0.01649EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday30 views

Mlflow < 2.17.0 - Local File Inclusion

Mlflow before 2.17.0 is susceptible to local file inclusion due to path traversal in GitHub repository mlflow/mlflow. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2024-8859...

7.5CVSS7AI score0.02484EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday110 views

Mlflow - Arbitrary File Write

An attacker can overwrite any file on the server hosting MLflow without any authentication. id: CVE-2023-6018 info: name: Mlflow - Arbitrary File Write author: byt3bl33d3r severity: critical description: | An attacker can overwrite any file on the server hosting MLflow without any authentication...

10CVSS7AI score0.47874EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday54 views

Mlflow <2.3.1 - Local File Inclusion Bypass

Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1. id: CVE-2023-2780 info: name: Mlflow 2.3.1 - Local File Inclusion Bypass author: iamnoooob,pdresearch severity: critical description: | Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1...

9.8CVSS7AI score0.06311EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday32 views

Mlflow <2.8.0 - Local File Inclusion

Mlflow before 2.8.0 is susceptible to local file inclusion due to path traversal in GitHub repository mlflow/mlflow. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2023-6977...

10CVSS7.1AI score0.03924EPSS
Exploits2References2
Nuclei
Nuclei
added yesterday52 views

MLflow < 2.11.3 - Path Traversal

MLflow versions prior to 2.11.3 are vulnerable to a Path Traversal attack due to improper URI fragment parsing. This vulnerability allows attackers to read arbitrary files on the server, potentially exposing sensitive information. id: CVE-2024-2928 info: name: MLflow 2.11.3 - Path Traversal autho...

7.5CVSS7AI score0.21847EPSS
Exploits2References2
Nuclei
Nuclei
added yesterday17 views

MLflow < 3.10.0 - Authentication Bypass on FastAPI Routes

A vulnerability in mlflow/mlflow versions 3.9.0 and earlier allows unauthenticated access to certain FastAPI routes when the server is started with authentication enabled --app-name basic-auth and served via uvicorn ASGI. The FastAPI permission middleware only enforces authentication on /gateway/...

8.6CVSS7.1AI score0.01502EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday75 views

Mlflow <2.3.0 - Local File Inclusion

Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1. id: CVE-2023-2356 info: name: Mlflow 2.3.0 - Local File Inclusion author: Co5mos severity: high description: | Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1. impact: | Successful exploitation...

10CVSS7AI score0.04119EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday37 views

Mlflow < 2.9.2 - Path Traversal

A path traversal vulnerability exists in mlflow/mlflow version 2.9.2, allowing attackers to access arbitrary files on the server. By crafting a series of HTTP POST requests with specially crafted 'artifactlocation' and 'source' parameters, using a local URI with '' instead of '?', an attacker can...

7.5CVSS7.1AI score0.02718EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday33 views

MLflow Job API - Authentication Bypass

MLflow latest version contains an authentication bypass caused by unprotected FastAPI job endpoints under /ajax-api/3.0/jobs/ when basic-auth is enabled, letting unauthenticated network clients submit and manage jobs, exploit requires job execution enabled and allowlisted job functions. id:...

9.8CVSS7.1AI score0.04392EPSS
Exploits1References3
Nuclei
Nuclei
added 3 days ago52 views

MLflow Absolute Path Traversal

Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0. id: CVE-2023-3765 info: name: MLflow Absolute Path Traversal author: DhiyaneshDK severity: critical description: | Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0. impact: | This vulnerability can...

10CVSS7AI score0.70736EPSS
Exploits1References4
Nuclei
Nuclei
added last week245 views

Mlflow <2.9.2 - Path Traversal

Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. id: CVE-2023-6909 info: name: Mlflow 2.9.2 - Path Traversal author: Hyunsoo-ds severity: high description: | Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. impact: | Successful...

7.5CVSS7AI score0.89716EPSS
Exploits1References3
OSV
OSV
added 2026/07/06 11:44 p.m.4 views

BIT-MLFLOW-2026-8147 Authorization Bypass in mlflow/mlflow

In MLflow versions prior to 3.14.0, when running with authentication enabled, the trace API endpoints lack proper authorization validators. This allows any authenticated user to bypass experiment-level authorization controls on all trace operations, including reading, deleting, and modifying trac...

8.1CVSS7.2AI score0.00348EPSS
Exploits1References3
NVD
NVD
added 2026/07/02 9:16 a.m.10 views

CVE-2026-8147

In MLflow versions prior to 3.14.0, when running with authentication enabled, the trace API endpoints lack proper authorization validators. This allows any authenticated user to bypass experiment-level authorization controls on all trace operations, including reading, deleting, and modifying trac...

8.1CVSS0.00348EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/07/02 7:32 a.m.39 views

CVE-2026-8147 Authorization Bypass in mlflow/mlflow

In MLflow versions prior to 3.14.0, when running with authentication enabled, the trace API endpoints lack proper authorization validators. This allows any authenticated user to bypass experiment-level authorization controls on all trace operations, including reading, deleting, and modifying trac...

8.1CVSS0.00348EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/07/02 7:32 a.m.7 views

CVE-2026-8147

In MLflow versions prior to 3.14.0, when running with authentication enabled, the trace API endpoints lack proper authorization validators. This allows any authenticated user to bypass experiment-level authorization controls on all trace operations, including reading, deleting, and modifying trac...

8.1CVSS7.3AI score0.00348EPSS
Exploits1References3
CVE
CVE
added 2026/07/02 7:32 a.m.19 views

CVE-2026-8147

CVE-2026-8147 – MLflow trace API authorization bypass : In MLflow versions prior to 3.14.0 running with authentication enabled, the trace API endpoints lack proper authorization validators because the _before_request handler does not register validators for trace endpoints. This allows any authen...

8.1CVSS7.3AI score0.00348EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder