CVE-2024-37057
MLflow vulnerability CVE-2024-37057 affects MLflow platform versions 2.0.0rc0 and later, where deserialization of untrusted data can occur during interaction with a maliciously uploaded TensorFlow model, allowing arbitrary code execution on an end user’s system. The issue is tied to how MLflow lo...