Vulnerabilities > Lfprojects > Mlflow > 2.9.0

DATE CVE VULNERABILITY TITLE RISK
2023-12-15 CVE-2023-6831 Path Traversal vulnerability in Lfprojects Mlflow
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.
network
low complexity
lfprojects CWE-22
8.1
8.1
2023-12-13 CVE-2023-6753 Unspecified vulnerability in Lfprojects Mlflow
Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2.
network
low complexity
lfprojects
8.8
8.8
2023-12-12 CVE-2023-6709 Unspecified vulnerability in Lfprojects Mlflow
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository mlflow/mlflow prior to 2.9.2.
network
low complexity
lfprojects
8.8
8.8
2023-12-07 CVE-2023-6568 Cross-site Scripting vulnerability in Lfprojects Mlflow
A reflected Cross-Site Scripting (XSS) vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the Content-Type header in POST requests.
network
low complexity
lfprojects CWE-79
6.1
6.1