Incorrect Authorization

Overview zenml is a ZenML: Write production-ready ML code. Affected versions of this package are vulnerable to Incorrect Authorization due to improper RBAC enforcement. Remediation Upgrade zenml to version 0.72.0 or higher. References - GitHub Commit - GitHub PR...

The vulnerability of the final point of the application programming interface /api/v1/users/{user_name_or_id}/activate, which is part of the Zenml machine learning pipeline creation framework, allows a violator to elevate their privileges.

The vulnerability of the final point of the application software interface/api/v1/users/usernameorid/activate function in the Zenml machine learning pipeline creation framework is related to deficiencies in the access control mechanism. Exploiting this vulnerability could allow an attacker to...

The vulnerability of the Zenml framework for creating machine learning pipelines, related to the incorrect validity period of a session, allows attackers to bypass the authentication process.

The vulnerability of the Zenml machine learning pipeline creation framework is related to an incorrect session duration. Exploiting this vulnerability can allow a malicious actor to bypass the authentication process...