Vulnerabilities > Lfprojects > Mlflow > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-16 | CVE-2023-6015 | Path Traversal vulnerability in Lfprojects Mlflow MLflow allowed arbitrary files to be PUT onto the server. | 7.5 |
| 2023-08-01 | CVE-2023-4033 | OS Command Injection vulnerability in Lfprojects Mlflow OS Command Injection in GitHub repository mlflow/mlflow prior to 2.6.0. | 7.8 |
| 2023-05-11 | CVE-2023-30172 | Path Traversal vulnerability in Lfprojects Mlflow A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter. | 7.5 |
| 2023-04-28 | CVE-2023-2356 | Relative Path Traversal vulnerability in Lfprojects Mlflow Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1. | 7.5 |
| 2022-02-23 | CVE-2022-0736 | Unspecified vulnerability in Lfprojects Mlflow Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1. | 7.5 |