Vulnerabilidades en Mlflow
70 resultadosCVE-2025-15031HIGHPath Traversal Vulnerability in mlflow/mlflowEPSS 0.7%CVE-2024-37054HIGHDeserialization of untrusted data can occur in versions of the MLflow platform running version 0.9.0 or newer, enabling a maliciously uploadEPSS 0.7%CVE-2024-1593HIGHPath Traversal via Parameter Smuggling in mlflow/mlflowEPSS 0.7%CVE-2024-37052HIGHDeserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling a maliciously uploadEPSS 0.6%CVE-2024-37053HIGHDeserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling a maliciously uploadEPSS 0.6%CVE-2024-37058HIGHDeserialization of untrusted data can occur in versions of the MLflow platform running version 2.5.0 or newer, enabling a maliciously uploadEPSS 0.6%CVE-2024-37055HIGHDeserialization of untrusted data can occur in versions of the MLflow platform running version 1.24.0 or newer, enabling a maliciously uploaEPSS 0.6%CVE-2024-37059HIGHDeserialization of untrusted data can occur in versions of the MLflow platform running version 0.5.0 or newer, enabling a maliciously uploadEPSS 0.6%CVE-2024-37057HIGHDeserialization of untrusted data can occur in versions of the MLflow platform running version 2.0.0rc0 or newer, enabling a maliciously uplEPSS 0.6%CVE-2024-37056HIGHDeserialization of untrusted data can occur in versions of the MLflow platform running version 1.23.0 or newer, enabling a maliciously uploaEPSS 0.6%CVE-2024-6838MEDIUMUncontrolled Resource Consumption in mlflow/mlflowEPSS 0.6%CVE-2023-1176MEDIUMAbsolute Path Traversal in mlflow/mlflowEPSS 0.6%CVE-2025-15036CRITICALPath Traversal Vulnerability in mlflow/mlflowEPSS 0.5%CVE-2025-0453MEDIUMDenial of Service through Batched Queries in GraphQL in mlflow/mlflowEPSS 0.5%CVE-2024-3099MEDIUMDenial of Service and Data Model Poisoning via URL Encoding in mlflow/mlflowEPSS 0.4%CVE-2026-2734MEDIUMAuthorization Bypass in SearchModelVersions in mlflow/mlflowEPSS 0.4%CVE-2026-4035CRITICALEnvironment Variable Resolution Vulnerability in mlflow/mlflowEPSS 0.4%CVE-2026-2651CRITICALMissing Authorization Validation in mlflow/mlflowEPSS 0.4%CVE-2026-33866MEDIUMAuthorization Bypass in MLflow AJAX EndpointEPSS 0.4%CVE-2025-1474LOWWeak Password Requirements in mlflow/mlflowEPSS 0.3%