Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
pypi mlflow Security Advisories
Loading...
Moderate
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: about 2 months ago
GSA_kwCzR0hTQS04ZjhxLXEyajctN2oybc4AA8w-
Undefined Behavior in mlflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: about 2 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 2 months ago
GSA_kwCzR0hTQS1qNDZxLTVweHgtOHZtd84AA8xl
Local File Inclusion in mlflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 2 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: about 2 months ago
GSA_kwCzR0hTQS01cTZjLWZmdmcteGNtOc4AA8xf
Remote code execution in mlflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: about 2 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
GSA_kwCzR0hTQS13ZjdmLThmeGYteGZ4Y84AA8ro
MLFlow unsafe deserializationEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
GSA_kwCzR0hTQS1jdjZjLTc5NjMtd3hjZ84AA8rv
MLFlow unsafe deserializationEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
GSA_kwCzR0hTQS1qOG1nLXBxYzUteDlnas4AA8rn
MLFlow unsafe deserializationEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
GSA_kwCzR0hTQS1wcWN2LXF3MnItcjg1Oc4AA8rt
MLFlow improper input validationEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
GSA_kwCzR0hTQS1jd2dnLXc2bXAtdzloZ84AA8rp
MLFlow unsafe deserializationEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
GSA_kwCzR0hTQS1naHY2LTlyOWotd2g0as4AA8rm
MLFlow unsafe deserializationEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
GSA_kwCzR0hTQS00M2M0LTlxZ2oteDc0Ms4AA8re
MLFlow unsafe deserializationEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
GSA_kwCzR0hTQS03cDhqLXF2NngtZjRnNM4AA8rh
MLFlow unsafe deserializationEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
GSA_kwCzR0hTQS14Mzh4LWc2Z3ItanFmZs4AA8rl
MLFlow unsafe deserializationEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
GSA_kwCzR0hTQS03NmNnLWNmaHgtMzczZs4AA8rk
MLFlow unsafe deserializationEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 2 months ago
Moderate
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: 2 months ago
GSA_kwCzR0hTQS1wNGp4LXE2MnAteDVqcs4AA8J5
MLflow allows low privilege users to delete any artifactEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: 2 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 2 months ago
GSA_kwCzR0hTQS1yZnFxLXdxNnctNzJqbc4AA8J7
MLflow has a Local File Read/Path Traversal bypassEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 2 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: 3 months ago
GSA_kwCzR0hTQS1ocTg4LXdnN3EtZ3A0Z84AA7CC
mlflow vulnerable to Path TraversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: 3 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 3 months ago
GSA_kwCzR0hTQS1mNDJtLW12ZnYtY2d3Nc4AA7B7
mlflow vulnerable to Path TraversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 3 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: 3 months ago
GSA_kwCzR0hTQS01bXZqLXdtZ2otN3E4Y84AA7CR
mlflow vulnerable to Path TraversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: 3 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 3 months ago
GSA_kwCzR0hTQS1tNDljLTVjNTItNjY5Ns4AA7B8
mlflow vulnerable to Path TraversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 3 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 3 months ago
GSA_kwCzR0hTQS1qNjJyLXd4cXEtZjNnZs4AA7B4
mlflow vulnerable to Path TraversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 3 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 3 months ago
GSA_kwCzR0hTQS1mODJyLWpqNXItNmc5N84AA7CM
mlflow Path Traversal vulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 3 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 5 months ago
GSA_kwCzR0hTQS02NzQ5LW01Y3AtNmNnN84AA5e2
Cross-site Scripting in MLFlowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 5 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 5 months ago
GSA_kwCzR0hTQS0zdjc5LXE3cGgtajc1aM4AA5e3
MLFlow Cross-site Scripting vulnerability leads to client-side Remote Code ExecutionEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 5 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 7 months ago
GSA_kwCzR0hTQS1oaDhwLXA4bXAtZ3Fobc4AA37i
MLFlow Path Traversal VulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 7 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 7 months ago
GSA_kwCzR0hTQS13djhxLTRmODUtMnA4cM4AA37f
MLflow Path Traversal VulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 7 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 7 months ago
GSA_kwCzR0hTQS01OXYzLTg5OHItcXdoas4AA37g
MLflow Server-Side Request Forgery (SSRF)Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 7 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 7 months ago
GSA_kwCzR0hTQS01cjNxLTkzcTMtZjk3OM4AA37c
MLflow Path Traversal VulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 7 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 7 months ago
GSA_kwCzR0hTQS1xZzhwLTMyZ3ItZ2g2eM4AA37h
MLflow Local File Disclosure VulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 7 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 7 months ago
GSA_kwCzR0hTQS1odmM2LTQydmYtamhmOM4AA35I
mlflow Command Injection vulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 7 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: 8 months ago
GSA_kwCzR0hTQS01NTR3LXhoNGotOHc2NM4AA3yh
Path traversal in MLflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: 8 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 8 months ago
GSA_kwCzR0hTQS12OTQ1LXIzcmMtNmZqbc4AA3ti
Path traversal in MLflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 8 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 8 months ago
GSA_kwCzR0hTQS1jeGZyLTVxM3ItMnJjMs4AA3r7
Jinja2 template injection in mlflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: 8 months ago
GSA_kwCzR0hTQS12d2hmLTN2Nngtd2ZmOM4AA3mS
Cross-site Scripting (XSS) in MLflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: 8 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 8 months ago
GSA_kwCzR0hTQS13cXhmLTQ0N20tNmY1Zs4AA3kN
Information exposure in MLflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: 8 months ago
GSA_kwCzR0hTQS00cXE1LW14eHgtbTZnZ84AA3Oh
MLflow authentication requirement bypass can allow a user to arbitrarily create an accountEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: 8 months ago
GSA_kwCzR0hTQS01cDNoLTdmd2gtOTJyY84AA3OR
Remote Code Execution due to Full Controled File Write in mlflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: 8 months ago
GSA_kwCzR0hTQS1mNzk4LXFtNHItMjNyNc4AA3ON
MLflow allowed arbitrary files to be PUT onto the serverEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: 8 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 12 months ago
GSA_kwCzR0hTQS1mZnczLTYzNzgtY3FncM4AA0-f
mlflow vulnerable to OS Command InjectionEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 12 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: about 1 year ago
GSA_kwCzR0hTQS1mbXhqLTZoOWctNnZ3M84AA0y8
MLflow Path Traversal vulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: about 1 year ago
GSA_kwCzR0hTQS13anEzLTdqeHgtd2hqOc4AAzYV
mlflow Path Traversal vulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: about 1 year ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 1 year ago
GSA_kwCzR0hTQS13YzZqLTVnODMteGZtNs4AAzRj
mflow vulnerable to directory traversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS04M2ZtLXc3OW0tNjRyNc4AAzCj
Remote file access vulnerability in `mlflow server` and `mlflow ui` CLIsEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: about 1 year ago
GSA_kwCzR0hTQS14NDIyLTZxaHYtcDI5Z84AAzAd
Relative path traversal in mlflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: over 1 year ago
GSA_kwCzR0hTQS13cDcyLTdoajktNTI2Nc4AAyUI
Remote file existence check vulnerability in `mlflow server` and `mlflow ui` CLIsEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: over 1 year ago
GSA_kwCzR0hTQS14ZzczLTk0ZnAtZzQ0Oc4AAyUH
mlflow is vulnerable to remote file access in `mlflow server` and `mlflow ui` CLIsEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: over 1 year ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: over 2 years ago
GSA_kwCzR0hTQS12cWoyLTR2OG0tOHZycc0uPQ
Insecure Temporary File in mlflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: over 2 years ago
Statistics
Advisories: 19,584
Packages: 8,642
Repositories: 2
Ecosystems: 12
Packages: 8,642
Repositories: 2
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
432
tensorflow-cpu
387
tensorflow-gpu
384
apache-airflow
82
django
80
ansible
63
salt
55
Plone
52
apache-superset
51
nova
47
mlflow
46
plone
43
rdiffweb
42
Pillow
41
vyper
38
Django
36
matrix-synapse
35
moin
35
keystone
31
opencv-contrib-python
30
opencv-python
30
glance
20
gradio
18
langchain
18
cobbler
17
mercurial
17
PaddlePaddle
17
neutron
16
pillow
16
paddlepaddle
15
cryptography
15
notebook
15
modoboa
14
pyload-ng
14
pyftpdlib
14
ethyca-fides
13
OctoPrint
13
vantage6
13
calibreweb
12
urllib3
12
swift
12
wagtail
12
roundup
12
zenml
11
twisted
11
aiohttp
11
onionshare-cli
11
horizon
11
nautobot
10
trytond
10
Flask-AppBuilder
10
opencv-contrib-python-headless
9
opencv-python-headless
9
zope
9
ryu
9
waitress
9
cinder
9
kiwitcms
9
Zope
9
python-keystoneclient
8
aubio
8
sentry
8
trac
8
numpy
8
label-studio
8
pysaml2
7
lief
7
litellm
7
scrapy
7
ipython
7
pip
7
matrix-sydent
7
jupyter-server
7
pgadmin4
7
lollms
7
Zope2
6
web2py
6
tuf
6
lxml
6
tornado
6
mailman
6
requests
6
graphite-web
6
apache-airflow-providers-apache-hive
6
yt-dlp
6
inventree
6
mindsdb
6
Moin
6
pyspark
5
nltk
5
whoogle-search
5
ckan
5
paramiko
5
omero-web
5
torchserve
5
Jinja2
5
python-gnupg
5
lmdb
5
saleor
5
Products.CMFPlone
5
oauthenticator
5
feedparser
5
bleach
5
transformers
4
markdown2
4
keylime
4
FreeTAKServer-UI
4
Keystone
4
httpie
4
buildbot
4
nvflare
4
tripleo-heat-templates
4
pretix
4
esphome
4
langchain-experimental
4
GitPython
4
datasette
4
ansible-core
4
dbt-core
4
PyPDF2
4
starlette
4
Nova
4
Flask-Security-Too
4
Werkzeug
4
jupyterhub
4
barbican
4
grpc
4
grpcio
4
werkzeug
4
qutebrowser
4
Radicale
4
jwcrypto
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
Scrapy
4
bottle
4
aws-iot-device-sdk-v2
4
awsiotsdk
4
Pygments
4
Weblate
4
reportlab
4
Kallithea
3
sickrage
3
setuptools
3
apache-libcloud
3
jupyterlab
3
ajenti
3
onnx
3
protobuf
3
mitmproxy
3
pyarrow
3
httplib2
3
python-jose
3
certifi
3
asyncssh
3
sosreport
3
scikit-learn
3
changedetection.io
3
vanna
3
pandasai
3
ray
3
apache-airflow-providers-apache-spark
3
sanic
3
ydata-profiling
3
mayan-edms
3
homeassistant
3
fava
3
indy-node
3
aim
3
rsa
3
io.grpc:grpc-protobuf
3
openvpn-monitor
3
apache-iotdb
3
gerapy
3
asyncua
3
wger
3
bitlyshortener
3
pywasm3
3
keyring
3
Mezzanine
3
SQLAlchemy
3
dtale
3
Products.PluggableAuthService
3
copyparty
3
mistune
3
pyyaml
3
indico
3
flask
3
keystonemiddleware
3
localstack
3
poetry
3
streamlit
3
ecdsa
3
clearml
3
plone.app.event
3
torch
3
sqlparse
3
Red-DiscordBot
3
docassemble.webapp
3
tinymce
3
llama-index
3
Filter by Repository