Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi mlflow Security Advisories

Loading...
High
GSA_kwCzR0hTQS02NzQ5LW01Y3AtNmNnN84AA5e2
Cross-site Scripting in MLFlow
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: about 1 month ago
High
GSA_kwCzR0hTQS0zdjc5LXE3cGgtajc1aM4AA5e3
MLFlow Cross-site Scripting vulnerability leads to client-side Remote Code Execution
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS01OXYzLTg5OHItcXdoas4AA37g
MLflow Server-Side Request Forgery (SSRF)
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 3 months ago
High
GSA_kwCzR0hTQS1xZzhwLTMyZ3ItZ2g2eM4AA37h
MLflow Local File Disclosure Vulnerability
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 3 months ago
Critical
GSA_kwCzR0hTQS1oaDhwLXA4bXAtZ3Fobc4AA37i
MLFlow Path Traversal Vulnerability
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 3 months ago
High
GSA_kwCzR0hTQS01cjNxLTkzcTMtZjk3OM4AA37c
MLflow Path Traversal Vulnerability
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 3 months ago
High
GSA_kwCzR0hTQS13djhxLTRmODUtMnA4cM4AA37f
MLflow Path Traversal Vulnerability
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 3 months ago
High
GSA_kwCzR0hTQS1odmM2LTQydmYtamhmOM4AA35I
mlflow Command Injection vulnerability
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 3 months ago
Critical
GSA_kwCzR0hTQS01NTR3LXhoNGotOHc2NM4AA3yh
Path traversal in MLflow
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 3 months ago
High
GSA_kwCzR0hTQS12OTQ1LXIzcmMtNmZqbc4AA3ti
Path traversal in MLflow
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 4 months ago
High
GSA_kwCzR0hTQS1jeGZyLTVxM3ItMnJjMs4AA3r7
Jinja2 template injection in mlflow
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS12d2hmLTN2Nngtd2ZmOM4AA3mS
Cross-site Scripting in MLflow
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 4 months ago
High
GSA_kwCzR0hTQS13cXhmLTQ0N20tNmY1Zs4AA3kN
Information exposure in MLflow
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 4 months ago
Critical
GSA_kwCzR0hTQS00cXE1LW14eHgtbTZnZ84AA3Oh
MLflow authentication requirement bypass can allow a user to arbitrarily create an account
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 4 months ago
Critical
GSA_kwCzR0hTQS01cDNoLTdmd2gtOTJyY84AA3OR
Remote Code Execution due to Full Controled File Write in mlflow
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 4 months ago
Critical
GSA_kwCzR0hTQS1mNzk4LXFtNHItMjNyNc4AA3ON
MLflow allowed arbitrary files to be PUT onto the server
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 4 months ago
High
GSA_kwCzR0hTQS1mZnczLTYzNzgtY3FncM4AA0-f
mlflow vulnerable to OS Command Injection
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 8 months ago
Critical
GSA_kwCzR0hTQS1mbXhqLTZoOWctNnZ3M84AA0y8
MLflow Path Traversal vulnerability
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 8 months ago
Critical
GSA_kwCzR0hTQS13anEzLTdqeHgtd2hqOc4AAzYV
mlflow Path Traversal vulnerability
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 11 months ago
High
GSA_kwCzR0hTQS13YzZqLTVnODMteGZtNs4AAzRj
mflow vulnerable to directory traversal
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 11 months ago
Critical
GSA_kwCzR0hTQS04M2ZtLXc3OW0tNjRyNc4AAzCj
Remote file access vulnerability in `mlflow server` and `mlflow ui` CLIs
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 11 months ago
Critical
GSA_kwCzR0hTQS14NDIyLTZxaHYtcDI5Z84AAzAd
Relative path traversal in mlflow
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: 11 months ago
Low
GSA_kwCzR0hTQS13cDcyLTdoajktNTI2Nc4AAyUI
Remote file existence check vulnerability in `mlflow server` and `mlflow ui` CLIs
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS14ZzczLTk0ZnAtZzQ0Oc4AAyUH
mlflow is vulnerable to remote file access in `mlflow server` and `mlflow ui` CLIs
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS12cWoyLTR2OG0tOHZycc0uPQ
Insecure Temporary File in mlflow
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Published: about 2 years ago
Statistics
Advisories: 17,221
Packages: 7,995
Repositories: 2
Ecosystems: 12
Filter by Package
tensorflow 432 tensorflow-cpu 387 tensorflow-gpu 384 django 81 apache-airflow 77 ansible 57 apache-superset 48 rdiffweb 42 Pillow 41 plone 38 Plone 36 matrix-synapse 34 vyper 32 opencv-python 30 opencv-contrib-python 30 mlflow 25 Django 19 langchain 17 PaddlePaddle 17 cobbler 16 notebook 15 cryptography 15 paddlepaddle 15 modoboa 14 nova 13 pillow 13 pyload-ng 13 pyftpdlib 13 OctoPrint 12 vantage6 12 onionshare-cli 11 gradio 11 urllib3 11 twisted 11 calibreweb 11 glance 11 keystone 11 salt 10 Flask-AppBuilder 10 zope 9 opencv-contrib-python-headless 9 opencv-python-headless 9 ethyca-fides 9 wagtail 9 aiohttp 9 Zope 9 kiwitcms 9 waitress 9 aubio 8 numpy 8 neutron 8 label-studio 8 matrix-sydent 7 jupyter-server 7 nautobot 7 moin 7 scrapy 7 python-keystoneclient 7 pysaml2 7 pip 7 lief 7 swift 7 Zope2 6 lxml 6 inventree 6 ipython 6 tuf 6 graphite-web 6 web2py 6 mailman 6 apache-airflow-providers-apache-hive 6 requests 5 feedparser 5 horizon 5 pyspark 5 sentry 5 whoogle-search 5 saleor 5 paramiko 5 ckan 5 bleach 5 Products.CMFPlone 5 python-gnupg 5 pgadmin4 5 mindsdb 5 bottle 4 httpie 4 PyPDF2 4 Jinja2 4 markdown2 4 oauthenticator 4 omero-web 4 grpc 4 grpcio 4 nltk 4 jupyterhub 4 keylime 4 datasette 4 ansible-core 4 werkzeug 4 pretix 4 starlette 4 nvflare 4 trytond 4 FreeTAKServer-UI 4 Flask-Security-Too 4 esphome 4 reportlab 4 GitPython 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 Pygments 4 qutebrowser 4 awsiotsdk 4 aws-iot-device-sdk-v2 4 gerapy 3 ansible-runner 3 Weblate 3 protobuf 3 mistune 3 transformers 3 ujson 3 io.grpc:grpc-protobuf 3 openvpn-monitor 3 indico 3 pyyaml 3 keyring 3 wger 3 asyncua 3 apache-iotdb 3 rsa 3 tripleo-heat-templates 3 sickrage 3 apache-libcloud 3 indy-node 3 quokka 3 streamlit 3 ecdsa 3 roundup 3 apache-airflow-providers-apache-spark 3 pyarrow 3 mitmproxy 3 django-helpdesk 3 asyncssh 3 copyparty 3 Werkzeug 3 onnx 3 barbican 3 plone.app.event 3 plone.app.theming 3 plone.app.dexterity 3 plone.supermodel 3 pywasm3 3 ray 3 jwcrypto 3 cinder 3 localstack 3 tornado 3 slixmpp 3 clearml 3 Keystone 3 mayan-edms 3 poetry 3 docassemble.webapp 3 yt-dlp 3 pandasai 3 fava 3 jupyterlab 3 bitlyshortener 3 torchserve 3 flask 3 Products.PluggableAuthService 3 mercurial 2 Mezzanine 2 ryu 2 apache-airflow-providers-apache-sqoop 2 python-cjson 2 pyxdg 2 django-sendfile2 2 tlslite-ng 2 org.apache.spark:spark-core 2 pyopenssl 2 ctx 2 uvicorn 2 aws-encryption-sdk-cli 2 wasm3 2 aiohttp-session 2 snowflake-connector-python 2 apache-airflow-providers-apache-drill 2 tripleo-ansible 2 pymatgen 2 scancodeio 2 superset 2 piccolo 2 django-unicorn 2 shuup 2 python-apt 2 dompurify 2 jinja2 2 pypdf 2 bikeshed 2