
13 matches found

Snyk
added 2026/05/25 7:33 a.m. | 7 views

Missing Authorization

Overview: Affected versions of this package are vulnerable to Missing Authorization in the /mlflow-artifacts/mpu/ endpoints in --serve-artifacts mode. An attacker can gain unauthorized access to and overwrite artifacts belonging to other users by manipulating artifactpath and pathfilename argument...

9 CVSS | 7.8 AI score | 0.00058 EPSS
Exploits 1 | References 2
RedhatCVE
added 2026/02/22 1:28 a.m. | 4 views

CVE-2026-2033

MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific fla...

8.1 CVSS | 6.6 AI score | 0.18428 EPSS
Exploits 0 | References 1
OSV
added 2026/02/20 11:16 p.m. | 1 views

CVE-2026-2033

MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific fla...

8.1 CVSS | 6.3 AI score
Exploits 0 | References 2
NVD
added 2026/02/20 11:16 p.m. | 5 views

CVE-2026-2033

MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific fla...

8.1 CVSS | 0.18428 EPSS
Exploits 0 | References 2
Cvelist
added 2026/02/20 10:12 p.m. | 362 views

CVE-2026-2033 MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability

MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific fla...

8.1 CVSS | 0.18428 EPSS
Exploits 0 | References 2
Huntr
added 2026/02/17 6:00 a.m. | 7 views

Missing Authorization Validation on MLflow MPU Endpoints Leads to Cross-Resource Artifact Overwrite, Model Poisoning, and Cross-Boundary Command Execution on Model Load

Analyzed version: 5af88dc08a54d40dddfc019da9e7f0fd0fcf34e2; git describe: nightly-2300-g5af88dc08; local mlflow.version: 3.10.1.dev0. In --serve-artifacts mode, MLflow exposes MPU endpoints for large-file multipart uploads. However, its authorization logic only covers the /mlflow-artifacts/artifact...

9 CVSS | 6.1 AI score | 0.00058 EPSS
Exploits 1
Zero Day Initiative
added 2026/02/13 12:00 a.m. | 11 views

MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of artifact file paths. The issue results from the lack of proper...

8.1 CVSS | 6.3 AI score | 0.18428 EPSS
Exploits 0 | References 1
VulnCheck KEV
added 2024/09/11 12:00 a.m. | 0 views

VulnCheck KEV: CVE-2023-6023

An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in the artifactpath URL parameter...

8.6 CVSS | 5.8 AI score | 0.47939 EPSS
Exploits 1 | References 1
CNNVD
added 2024/04/15 12:00 a.m. | 4 views

ModelDB Path Traversal Vulnerability

ModelDB is an open source system for machine learning model version control, metadata and experiment management, open-sourced by VertaAI. ModelDB suffers from a path traversal vulnerability that arises from improper cleaning of user-supplied file paths in the file upload function. This vulnerabilit...

8.8 CVSS | 7 AI score | 0.04966 EPSS
Exploits 0 | References 3
OSV
added 2023/11/16 4:15 p.m. | 1 views

CVE-2023-6023

An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in the artifactpath URL parameter...

7.5 CVSS | 5.8 AI score | 0.47939 EPSS
Exploits 1 | References 1
Cvelist
added 2023/11/16 4:03 p.m. | 11 views

CVE-2023-6023 ModelDB Local File Include

An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in the artifactpath URL parameter...

8.6 CVSS | 7.6 AI score | 0.47939 EPSS
Exploits 1 | References 1
CNNVD
added 2023/11/16 12:00 a.m. | 4 views

ModelDB Security Vulnerabilities

ModelDB is an open source system for machine learning model version control, metadata, and experiment management from VertaAI. ModelDB has a security vulnerability that stems from a remote file inclusion LFI vulnerability in the artifactpath URL parameter. An attacker can exploit this vulnerabili...

8.6 CVSS | 6.8 AI score | 0.47939 EPSS
Exploits 1 | References 2
Cvelist
added 2022/11/07 12:00 a.m. | 18 views

CVE-2022-37866 Apache Ivy allows path traversal in the presence of a malicious repository

When Apache Ivy downloads artifacts from a repository it stores them in the local file system based on a user-supplied "pattern" that may include placeholders for artifacts coordinates like the organisation, module or version. If said coordinates contain "../" sequences - which are valid characte...

7.6 AI score | 0.0104 EPSS
Exploits 0 | References 2