Lfprojects

Mlflow

77 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.7%
  • Veröffentlicht 11.05.2026 19:02:46
  • Zuletzt bearbeitet 02.07.2026 12:17:02

A vulnerability in the `_create_model_version()` handler of `mlflow/server/handlers.py` in mlflow/mlflow versions 3.9.0 and earlier allows an unauthenticated remote attacker to read arbitrary files from the server's filesystem. The issue arises when ...

Exploit
  • EPSS 0.29%
  • Veröffentlicht 11.05.2026 18:16:31
  • Zuletzt bearbeitet 27.05.2026 19:05:55

A Server-Side Request Forgery (SSRF) vulnerability exists in MLflow versions prior to 3.9.0. The `_create_webhook()` function in `mlflow/server/handlers.py` accepts a user-controlled `url` parameter without validation, and the `_send_webhook_request(...

Exploit
  • EPSS 0.36%
  • Veröffentlicht 07.04.2026 12:57:44
  • Zuletzt bearbeitet 20.04.2026 18:45:16

MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrie...

Exploit
  • EPSS 0.22%
  • Veröffentlicht 07.04.2026 12:57:38
  • Zuletzt bearbeitet 20.04.2026 18:44:12

MLflow is vulnerable to Stored Cross-Site Scripting (XSS) caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when another use...

Exploit
  • EPSS 4.39%
  • Veröffentlicht 03.04.2026 17:03:12
  • Zuletzt bearbeitet 30.06.2026 03:17:02

In mlflow/mlflow, the FastAPI job endpoints under `/ajax-api/3.0/jobs/*` are not protected by authentication or authorization when the `basic-auth` app is enabled. This vulnerability affects the latest version of the repository. If job execution is e...

Exploit
  • EPSS 1.33%
  • Veröffentlicht 31.03.2026 14:25:27
  • Zuletzt bearbeitet 14.04.2026 16:01:29

A command injection vulnerability exists in mlflow/mlflow when serving a model with `enable_mlserver=True`. The `model_uri` is embedded directly into a shell command executed via `bash -c` without proper sanitization. If the `model_uri` contains shel...

Exploit
  • EPSS 1.99%
  • Veröffentlicht 30.03.2026 07:16:57
  • Zuletzt bearbeitet 30.06.2026 03:16:45

A command injection vulnerability exists in MLflow's model serving container initialization code, specifically in the `_install_model_dependencies_to_env()` function. When deploying a model with `env_manager=LOCAL`, MLflow reads dependency specificat...

Exploit
  • EPSS 0.59%
  • Veröffentlicht 30.03.2026 01:16:06
  • Zuletzt bearbeitet 30.06.2026 03:16:45

A path traversal vulnerability exists in the `extract_archive_to_dir` function within the `mlflow/pyfunc/dbconnect_artifact_cache.py` file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack ...

Exploit
  • EPSS 0.33%
  • Veröffentlicht 27.03.2026 16:17:30
  • Zuletzt bearbeitet 30.06.2026 03:16:45

In the latest version of mlflow/mlflow, when the `basic-auth` app is enabled, tracing and assessment endpoints are not protected by permission validators. This allows any authenticated user, including those with `NO_PERMISSIONS` on the experiment, to...

Exploit
  • EPSS 0.85%
  • Veröffentlicht 18.03.2026 22:06:47
  • Zuletzt bearbeitet 30.06.2026 03:16:45

A vulnerability in MLflow's pyfunc extraction process allows for arbitrary file writes due to improper handling of tar archive entries. Specifically, the use of `tarfile.extractall` without path validation enables crafted tar.gz files containing `..`...