Filtered by vendor Lfprojects Subscriptions
Filtered by product Mlflow Subscriptions
Total 26 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-30172 1 Lfprojects 1 Mlflow 2024-11-21 7.5 High
A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter.
CVE-2023-2780 1 Lfprojects 1 Mlflow 2024-11-21 9.8 Critical
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1.
CVE-2023-2356 1 Lfprojects 1 Mlflow 2024-11-21 7.5 High
Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1.
CVE-2023-1177 1 Lfprojects 1 Mlflow 2024-11-21 9.3 Critical
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.
CVE-2023-1176 1 Lfprojects 1 Mlflow 2024-11-21 3.3 Low
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2.
CVE-2022-0736 1 Lfprojects 1 Mlflow 2024-11-21 7.5 High
Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1.