CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

OSV•added 2025/09/25 8:47 a.m.•4 views

BIT-MLFLOW-2025-52967

gatewayproxyhandler in MLflow before 3.1.0 lacks gatewaypath validation...

5.8CVSS7AI score0.0037EPSS

Exploits0References4

BDU FSTEC•added 2025/07/28 12:0 a.m.•6 views

The vulnerability of the gateway_proxy_handler component in the machine learning lifecycle management platform allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the gatewayproxyhandler component in the Machine Learning Lifecycle Management platform is related to insufficient validation of requests at the server side. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility ...

7.5CVSS7.2AI score0.0037EPSS

Exploits0References4Affected Software1

Snyk•added 2025/06/23 3:40 p.m.•3 views

Server-side Request Forgery (SSRF)

Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via insufficient validation of th...

6.9CVSS7.2AI score0.0037EPSS

Exploits0References2