Vulnerabilidades em MLflow
70 resultadosCVE-2022-0736HIGHInsecure Temporary File in mlflow/mlflowEPSS 1.6%CVE-2023-6974HIGHServer-Side Request Forgery (SSRF)EPSS 1.5%CVE-2026-2652HIGHAuthentication Bypass in mlflow/mlflowEPSS 1.5%CVE-2025-11200HIGHMLflow Weak Password Requirements Authentication Bypass VulnerabilityEPSS 1.4%CVE-2026-0596CRITICALCommand Injection in mlflow/mlflowEPSS 1.3%CVE-2025-14287HIGHCommand Injection in mlflow/mlflowEPSS 1.2%CVE-2023-6940CRITICALCommand InjectionEPSS 1.2%CVE-2023-4033HIGHOS Command Injection in mlflow/mlflowEPSS 1.2%CVE-2023-6014CRITICALMLflow Authentication BypassEPSS 1.2%CVE-2026-2635CRITICALMLflow Use of Default Password Authentication Bypass VulnerabilityEPSS 1.1%CVE-2023-6753CRITICALPath Traversal in mlflow/mlflowEPSS 1.1%CVE-2023-6976HIGHUnrestricted Upload of File with Dangerous TypeEPSS 1.0%CVE-2023-6709CRITICALImproper Neutralization of Special Elements Used in a Template Engine in mlflow/mlflowEPSS 0.9%CVE-2024-37061HIGHRemote Code Execution can occur in versions of the MLflow platform running version 1.11.0 or newer, enabling a maliciously crafted MLprojectEPSS 0.9%CVE-2024-1558HIGHPath Traversal Vulnerability in mlflow/mlflowEPSS 0.9%CVE-2024-1560HIGHPath Traversal Vulnerability in mlflow/mlflowEPSS 0.9%CVE-2024-37060HIGHDeserialization of untrusted data can occur in versions of the MLflow platform running version 1.27.0 or newer, enabling a maliciously craftEPSS 0.8%CVE-2026-2614HIGHArbitrary File Read via Prompt Tag Source Validation Bypass in mlflow/mlflowEPSS 0.7%CVE-2024-3573CRITICALLocal File Inclusion (LFI) via Scheme Confusion in mlflow/mlflowEPSS 0.7%CVE-2024-1594HIGHLocal File Read via Path Traversal in mlflow/mlflowEPSS 0.7%