Shodan
Vulnerabilities
Vulnerable Software
Lfprojects:  >> Mlflow  >> 1.10.0  Security Vulnerabilities
CVE-2023-6015
MLflow allowed arbitrary files to be PUT onto the server.
CVSS Score
10.0
EPSS Score
0.008
Published
2023-11-16
CVE-2023-4033
OS Command Injection in GitHub repository mlflow/mlflow prior to 2.6.0.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-08-01
CVE-2023-3765
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0.
CVSS Score
10.0
EPSS Score
0.928
Published
2023-07-19
CVE-2023-2780
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1.
CVSS Score
9.8
EPSS Score
0.862
Published
2023-05-17
CVE-2023-30172
A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter.
CVSS Score
7.5
EPSS Score
0.004
Published
2023-05-11
CVE-2023-2356
Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1.
CVSS Score
10.0
EPSS Score
0.828
Published
2023-04-28
CVE-2023-1176
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-03-24
CVE-2023-1177
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.
CVSS Score
9.3
EPSS Score
0.932
Published
2023-03-24
CVE-2022-0736
Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1.
CVSS Score
8.2
EPSS Score
0.006
Published
2022-02-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved