Ben Wilson

5 exploits Active since Apr 2023
CVE-2023-2356 WRITEUP HIGH WRITEUP
mlflow/mlflow <2.3.1 - Path Traversal
Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1.
CVSS 7.5
CVE-2023-6753 WRITEUP HIGH WRITEUP
Lfprojects Mlflow < 2.9.2 - Path Traversal
Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2.
CVSS 8.8
CVE-2023-6940 WRITEUP HIGH WRITEUP
Lfprojects Mlflow < 2.9.2 - Command Injection
with only one user interaction(download a malicious config), attackers can gain full command execution on the victim system.
CVSS 8.8
CVE-2025-10279 WRITEUP HIGH WRITEUP
mlflow <2.20.3 - Code Injection
In mlflow version 2.20.3, the temporary directory used for creating Python virtual environments is assigned insecure world-writable permissions (0o777). This vulnerability allows an attacker with write access to the `/tmp` directory to exploit a race condition and overwrite `.py` files in the virtual environment, leading to arbitrary code execution. The issue is resolved in version 3.4.0.
CVSS 7.0
CVE-2025-14279 WRITEUP HIGH WRITEUP
MLFlow <3.4.0 - SSRF
MLFlow versions up to and including 3.4.0 are vulnerable to DNS rebinding attacks due to a lack of Origin header validation in the MLFlow REST server. This vulnerability allows malicious websites to bypass Same-Origin Policy protections and execute unauthorized calls against REST endpoints. An attacker can query, update, and delete experiments via the affected endpoints, leading to potential data exfiltration, destruction, or manipulation. The issue is resolved in version 3.5.0.
CVSS 8.1