harupy

3 exploits, active since May 2024
CVE-2024-4263 MEDIUM (writeup)
mlflow/mlflow <2.10.1 - Info Disclosure
A broken access control vulnerability exists in mlflow/mlflow versions before 2.10.1, where low-privilege users with only EDIT permission on an experiment can delete any artifacts. The issue arises because DELETE requests from users with EDIT permission are not properly validated, allowing them to perform unauthorized deletions of artifacts. The vulnerability specifically affects the handling of artifact deletions within the application: a low-privilege user can delete a directory inside an artifact with a DELETE request, even though the official documentation states that users with EDIT permission can only read and update artifacts, not delete them.
CVSS 5.4
CVE-2024-8859 HIGH (writeup)
Lfprojects Mlflow < 2.17.0rc0 - Path Traversal
A path traversal vulnerability exists in mlflow/mlflow version 2.15.1. When users configure and use the dbfs service, the URL is concatenated directly into the file protocol, which results in an arbitrary file read vulnerability. This occurs because only the path part of the URL is checked, while parts such as the query and parameters are not handled. The vulnerability is triggered when the user has configured the dbfs service and, during usage, the service is mounted to a local directory.
CVSS 7.5
CVE-2025-1474 MEDIUM (writeup)
mlflow/mlflow <2.19.0 - Info Disclosure
In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. This vulnerability could lead to security risks, as accounts without passwords may be susceptible to unauthorized access. Additionally, this issue violates best practices for secure user account management. The issue is fixed in version 2.19.0.
CVSS 5.5