12 matches found
CVE-2026-3198
A flaw was found in MLflow. When configured with basic authentication, MLflow fails to enforce proper authorization checks for several Gateway API list endpoints. This oversight allows any authenticated user, regardless of their assigned permissions, to enumerate sensitive information such as...
BIT-MLFLOW-2026-3198 Improper Access Control in mlflow/mlflow
MLflow 3.9.0 with basic-auth --app-name basic-auth fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the BEFOREREQUESTHANDLERS dictionary in mlflow/server/auth/init.py does not include entries for ListGatewaySecretInfos, ListGatewayEndpoints, and...
CVE-2026-3198
MLflow 3.9.0 with basic-auth --app-name basic-auth fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the BEFOREREQUESTHANDLERS dictionary in mlflow/server/auth/init.py does not include entries for ListGatewaySecretInfos, ListGatewayEndpoints, and...
CVE-2026-3198 Improper Access Control in mlflow/mlflow
MLflow 3.9.0 with basic-auth --app-name basic-auth fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the BEFOREREQUESTHANDLERS dictionary in mlflow/server/auth/init.py does not include entries for ListGatewaySecretInfos, ListGatewayEndpoints, and...
CVE-2026-3198
MLflow 3.9.0 with basic-auth fails authorization for multiple Gateway API 'list' endpoints. The BEFORE_REQUEST_HANDLERS dictionary in mlflow/server/auth/init .py lacks entries for ListGatewaySecretInfos, ListGatewayEndpoints, and ListGatewayModelDefinitions, allowing any authenticated user to enu...
CVE-2026-3198 Improper Access Control in mlflow/mlflow
MLflow 3.9.0 with basic-auth --app-name basic-auth fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the BEFOREREQUESTHANDLERS dictionary in mlflow/server/auth/init.py does not include entries for ListGatewaySecretInfos, ListGatewayEndpoints, and...
EUVD-2026-33880
MLflow 3.9.0 with basic-auth --app-name basic-auth fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the BEFOREREQUESTHANDLERS dictionary in mlflow/server/auth/init.py does not include entries for ListGatewaySecretInfos, ListGatewayEndpoints, and...
Direct Request ('Forced Browsing')
Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Direct Request 'Forced Browsing' in the Gateway API endpoints due ...
CVE-2026-3198
MLflow 3.9.0 with basic-auth --app-name basic-auth fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the BEFOREREQUESTHANDLERS dictionary in mlflow/server/auth/init.py does not include entries for ListGatewaySecretInfos, ListGatewayEndpoints, and...
PT-2026-45692
Name of the Vulnerable Software and Affected Versions MLflow version 3.9.0 Description When using basic-auth --app-name basic-auth, the software fails to enforce authorization checks for several Gateway API 'list' endpoints. The BEFORE REQUEST HANDLERS dictionary in mlflow/server/auth/ init .py...
MLflow 安全漏洞
MLflow is an open-source platform that simplifies machine learning development. It includes features like tracking experiments, packaging code for reproducible runs, and sharing and deploying models. Version 3.9.0 of MLflow contains a security vulnerability. This vulnerability stems from the lack...
Gateway API Authorization Bypass: Any Authenticated User Can Enumerate Secrets, Endpoints, and Model Definitions
This report is not public...