Harutaka Kawamura

9 exploits Active since Mar 2023
CVE-2023-1176 LOW WRITEUP
Lfprojects Mlflow < 2.2.2 - Absolute Path Traversal
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2.
CVSS 3.3
CVE-2023-2780 CRITICAL WRITEUP
Lfprojects Mlflow < 2.3.1 - Path Traversal
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1.
CVSS 9.8
CVE-2023-6709 HIGH WRITEUP
mlflow/mlflow <2.9.2 - Info Disclosure
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository mlflow/mlflow prior to 2.9.2.
CVSS 8.8
CVE-2023-6753 HIGH WRITEUP
Lfprojects Mlflow < 2.9.2 - Path Traversal
Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2.
CVSS 8.8
CVE-2023-6975 CRITICAL WRITEUP
MLflow <= 2.9.2 - Command Injection
A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information.
CVSS 9.8
CVE-2023-6976 HIGH WRITEUP
Lfprojects Mlflow < 2.9.2 - Unrestricted File Upload
This vulnerability is capable of writing arbitrary files into arbitrary locations on the remote filesystem in the context of the server process.
CVSS 8.8
CVE-2023-6977 HIGH WRITEUP
MLflow < 2.9.2 - Information Disclosure
This vulnerability enables malicious users to read sensitive files on the server.
CVSS 7.5
CVE-2024-8859 HIGH WRITEUP
Lfprojects Mlflow < 2.17.0rc0 - Path Traversal
A path traversal vulnerability exists in mlflow/mlflow version 2.15.1. When users configure and use the dbfs service, concatenating the URL directly into the file protocol results in an arbitrary file read vulnerability. This issue occurs because only the path part of the URL is checked, while parts such as query and parameters are not handled. The vulnerability is triggered if the user has configured the dbfs service, and during usage, the service is mounted to a local directory.
CVSS 7.5
CVE-2025-11201 CRITICAL WRITEUP
MLflow Tracking Server - RCE
MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of model file paths. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-26921.
CVSS 9.8