
9 matches found

Vulnrichment
added 2026/05/11 7:2 p.m., 3 views

CVE-2026-2614 Arbitrary File Read via Prompt Tag Source Validation Bypass in mlflow/mlflow

A vulnerability in the createmodelversion handler of mlflow/server/handlers.py in mlflow/mlflow versions 3.9.0 and earlier allows an unauthenticated remote attacker to read arbitrary files from the server's filesystem. The issue arises when a CreateModelVersion request includes the tag...

CVSS 7.5, AI score 7.3, EPSS 0.0005
Exploits: 1, References: 2
Snyk
added 2026/01/21 10:46 p.m., 2 views

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the rendering of object names in the GetArtifactFile function. An attacker can execute arbitrary JavaScript in another user's browser by crafting malicious workflows that produce an HTML artifact enabling...

CVSS 9, AI score 6, EPSS 0.00058
Exploits: 1, References: 2
Positive Technologies
added 2024/04/15 12:0 a.m., 2 views

PT-2024-18129 · Mlflow · Mlflow

Name of the Vulnerable Software and Affected Versions: mlflow/mlflow (affected versions not specified). Description: A path traversal issue exists due to improper validation of the source parameter in the create model version function. This allows attackers to bypass checks by the validate non local...

CVSS 7.5, AI score 7.5, EPSS 0.0009
Exploits: 1, References: 8
Veracode
added 2023/12/21 6:44 a.m., 27 views

Server Side Request Forgery (SSRF)

mlflow is vulnerable to Server Side Request Forgery (SSRF). The vulnerability is caused by following redirects while fetching HTTP artifact contents within the model-versions/get-artifact endpoint. A malicious user can exploit this to access internal HTTPs servers and in the worst case achieve remo...

CVSS 9.8, AI score 7.8, EPSS 0.02591
Exploits: 1, References: 4, Affected Software: 1
Github Security Blog
added 2023/05/11 3:30 a.m., 30 views

mlflow vulnerable to directory traversal

A directory traversal vulnerability in the /get-artifact API method of the mlflow platform prior to v2.0.0 allows attackers to read arbitrary files on the server via the path parameter...

CVSS 7.5, AI score 6.4, EPSS 0.00452
Exploits: 0, References: 8, Affected Software: 1
PyPA
added 2023/05/11 2:15 a.m., 3 views

PYSEC-2023-70

A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter...

CVSS 7.5, AI score 6.9, EPSS 0.00452
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2023/05/11 12:0 a.m., 12 views

CVE-2023-30172

A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter...

AI score 7.6, EPSS 0.00452
Exploits: 0, References: 2
CVE
added 2023/05/11 12:0 a.m., 70 views

CVE-2023-30172

CVE-2023-30172 describes a directory traversal in the mlflow platform’s /get-artifact API, allowing an attacker to read arbitrary server files via the path parameter. Affected: mlflow up to v2.0.1. Underlying cause: directory traversal in the get-artifact endpoint. Impact is high on confidentiali...

CVSS 7.5, AI score 7.3, EPSS 0.00452
Exploits: 0, References: 2, Affected Software: 1
Positive Technologies
added 2023/05/11 12:0 a.m., 1 views

PT-2023-22565 · Mlflow · Mlflow

Name of the Vulnerable Software and Affected Versions: mlflow versions prior to 2.0.1. Description: A directory traversal issue in the "/get-artifact" API method allows attackers to read arbitrary files on the server via the path parameter. Recommendations: For versions prior to 2.0.1, update to...

CVSS 7.5, AI score 7.2, EPSS 0.00452
Exploits: 0, References: 16