Lfprojects: >> Mlflow >> 0.8.2 Security Vulnerabilities
A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter.
CVSS Score
7.5
EPSS Score
0.004
Published
2023-05-11
Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1.
CVSS Score
10.0
EPSS Score
0.828
Published
2023-04-28
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-03-24
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.
CVSS Score
9.3
EPSS Score
0.932
Published
2023-03-24
Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1.
CVSS Score
8.2
EPSS Score
0.006
Published
2022-02-23
Page 4