Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-pqcv-qw2r-r859: MLFlow improper input validation

Remote Code Execution can occur in versions of the MLflow platform running version 1.11.0 or newer, enabling a maliciously crafted MLproject to execute arbitrary code on an end user’s system when run due to unfiltered input.

ghsa
#git#rce

MLFlow improper input validation

High severity GitHub Reviewed Published Jun 4, 2024 to the GitHub Advisory Database • Updated Jun 5, 2024

ghsa: Latest News

GHSA-6jrf-rcjf-245r: changedetection.io path traversal using file URI scheme without supplying hostname