Vulnerabilities > Lfprojects > Mlflow > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-06 | CVE-2024-3099 | Unspecified vulnerability in Lfprojects Mlflow A vulnerability in mlflow/mlflow version 2.11.1 allows attackers to create multiple models with the same name by exploiting URL encoding. | 5.4 |
2023-12-07 | CVE-2023-6568 | Cross-site Scripting vulnerability in Lfprojects Mlflow A reflected Cross-Site Scripting (XSS) vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the Content-Type header in POST requests. | 6.1 |