2.12.2

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-04	CVE-2024-37061	Code Injection vulnerability in Lfprojects Mlflow Remote Code Execution can occur in versions of the MLflow platform running version 1.11.0 or newer, enabling a maliciously crafted MLproject to execute arbitrary code on an end user’s system when run. network low complexity lfprojects CWE-94	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.