Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:54 a.m.19 views

CVE-2025-1474

In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. This vulnerability could lead to security risks, as accounts without passwords may be susceptible to unauthorized access. Additionally, this issue violates best practices for secure user accou...

5.5CVSS7AI score0.00336EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2025/03/20 6:47 p.m.5 views

api-python-bet-project (>=0.1.9 <=0.1.22), argosml (>=0.0.1 <=0.1.3) +61 more potentially affected by CVE-2025-1474 via mlflow (>=2.0.0rc0 <=2.19.0)

mlflow PYPI version =2.0.0rc0, =0.1.9, =0.0.1, =0.1.3, =1.2.0, =0.8.0, =0.0.10, =0.1.2370984012, =0.0.41, =1.6.0, =0.14.0, =0.14.0, =0.14.2b0 and more Source cves: CVE-2025-1474 Source advisory: SNYK:PYTHON-MLFLOW-9486737...

5.5CVSS5.4AI score0.00336EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.3 views

a2 (>=0.1.0 <=0.3.17), agentos (>=0.0.5 <=0.0.7) +189 more potentially affected by CVE-2025-1474 via mlflow (>=0.8.2 <=2.18.0)

mlflow PYPI version =0.8.2, =0.1.0, =0.0.5, =0.0.1, =0.1.2, =1.0.18.2, =0.0.1, =1.0.41, =1.4.0, =0.2.5, =0.1.3, =3.0.0, =3.3.0 and more Source cves: CVE-2025-1474 Source advisory: OSV:GHSA-4RJ2-9GCX-5QHX...

5.5CVSS5.7AI score0.00336EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/03/20 10:15 a.m.6 views

a2 (>=0.1.0 <=0.3.17), agentos (>=0.0.5 <=0.0.7) +189 more potentially affected by CVE-2025-1474 via mlflow (>=0.8.2 <=2.18.0)

mlflow PYPI version =0.8.2, =0.1.0, =0.0.5, =0.0.1, =0.1.2, =1.0.18.2, =0.0.1, =1.0.41, =1.4.0, =0.2.5, =0.1.3, =3.0.0, =3.3.0 and more Source cves: CVE-2025-1474 Source advisory: OSV:PYSEC-2025-17...

5.5CVSS5.7AI score0.00336EPSS
Exploits1
NVD
NVD
added 2025/03/20 10:15 a.m.26 views

CVE-2025-1474

In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. This vulnerability could lead to security risks, as accounts without passwords may be susceptible to unauthorized access. Additionally, this issue violates best practices for secure user accou...

5.5CVSS0.00336EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/03/20 10:10 a.m.9 views

CVE-2025-1474 Weak Password Requirements in mlflow/mlflow

In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. This vulnerability could lead to security risks, as accounts without passwords may be susceptible to unauthorized access. Additionally, this issue violates best practices for secure user accou...

3.8CVSS4AI score0.00336EPSS
Exploits1References2
OSV
OSV
added 2025/03/20 10:10 a.m.9 views

CVE-2025-1474 Weak Password Requirements in mlflow/mlflow

In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. This vulnerability could lead to security risks, as accounts without passwords may be susceptible to unauthorized access. Additionally, this issue violates best practices for secure user accou...

3.8CVSS5.8AI score0.00336EPSS
Exploits1References4
Rows per page
Query Builder