Shodan
Vulnerabilities
Vulnerable Software
Lfprojects:  >> Mlflow  >> 2.9.1  Security Vulnerabilities
CVE-2023-6940
with only one user interaction(download a malicious config), attackers can gain full command execution on the victim system.
CVSS Score
9.0
EPSS Score
0.012
Published
2023-12-19
CVE-2023-6909
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.
CVSS Score
7.5
EPSS Score
0.897
Published
2023-12-18
CVE-2023-6831
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.
CVSS Score
8.1
EPSS Score
0.033
Published
2023-12-15
CVE-2023-6753
Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2.
CVSS Score
9.6
EPSS Score
0.011
Published
2023-12-13
CVE-2023-6709
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository mlflow/mlflow prior to 2.9.2.
CVSS Score
10.0
EPSS Score
0.009
Published
2023-12-12
CVE-2023-6014
An attacker is able to arbitrarily create an account in MLflow bypassing any authentication requirment.
CVSS Score
9.1
EPSS Score
0.012
Published
2023-11-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved