kubeflow-pipelines vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the kubeflow-pipelines package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L GHSA-p84v-gxvw-73pf	<2.14.3-r3
L GHSA-c2hv-4pfj-mm2r	<2.14.3-r3
L Directory Traversal	<2.14.3-r3
L Insufficiently Protected Credentials	<2.14.3-r3
L Allocation of Resources Without Limits or Throttling	<2.14.3-r1
L GHSA-4hjh-wcwx-xvwj	<2.14.3-r1
L GHSA-48p4-8xcf-vxj5	<2.5.0-r4
L GHSA-pq67-6m6q-mj2v	<2.5.0-r4
M Open Redirect	<2.5.0-r4
L Open Redirect	<2.5.0-r4
L Resource Exhaustion	<2.5.0-r3
L GHSA-v6h2-p8h4-qcjw	<2.5.0-r3
L CVE-2024-29041	<2.4.0-r9
L GHSA-pxg6-pf52-xh8x	<2.4.0-r9
L GHSA-rv95-896h-c2vc	<2.4.0-r9
L GHSA-93mq-9ffx-83m2	<2.4.0-r9
L CVE-2024-47764	<2.4.0-r9
L Allocation of Resources Without Limits or Throttling	<2.4.0-r9
L GHSA-qxp5-gwg8-xv66	<2.4.0-r8
L CVE-2025-22870	<2.4.0-r8
L GHSA-gxpj-cx7g-858c	<2.4.0-r7
M Resource Exhaustion	<2.4.0-r7
L CVE-2025-22868	<2.4.0-r6
L GHSA-jr5f-v2jv-69x6	<2.4.0-r5
L CVE-2025-22869	<2.4.0-r5
H Server-Side Request Forgery (SSRF)	<2.4.0-r5
L GHSA-79v4-65xg-pq4g	<2.4.0-r4
L CVE-2024-12797	<2.4.0-r4
L CVE-2025-22866	<2.4.0-r3
L GHSA-3whm-j4xm-rv8x	<2.4.0-r3
L GHSA-6wxm-mpqj-6jpf	<2.4.0-r2
L CVE-2024-45339	<2.4.0-r2
L GHSA-w32m-9786-jp63	<2.3.0-r5
L CVE-2024-45338	<2.3.0-r5
L GHSA-v778-237x-gjrc	<2.3.0-r4
L CVE-2024-45337	<2.3.0-r4
L CVE-2024-10220	<2.3.0-r3
L GHSA-27wf-5967-98gx	<2.3.0-r3
L Inefficient Regular Expression Complexity	<2.3.0-r3
L GHSA-rhx6-c78j-4q9w	<2.3.0-r3
L GHSA-qwcr-r2fm-qrc7	<2.2.0-r12
L GHSA-j7vj-rw65-4v26	<2.2.0-r12
L GHSA-crqm-pwhx-j97f	<2.2.0-r12
L GHSA-qw6h-vgh9-j6wx	<2.2.0-r12
M Cross-site Scripting (XSS)	<2.2.0-r12
L GHSA-8xfx-rj4p-23jm	<2.2.0-r12
L GHSA-m6fv-jmcg-4jfg	<2.2.0-r12
L GHSA-cm22-4g7w-348p	<2.2.0-r12
L GHSA-9wv6-86v2-598j	<2.2.0-r12
H CVE-2024-45590	<2.2.0-r12
M Cross-site Scripting (XSS)	<2.2.0-r12
L CVE-2024-34158	<2.2.0-r12
L Inefficient Regular Expression Complexity	<2.2.0-r12
L CVE-2024-34156	<2.2.0-r12
M Cross-site Scripting (XSS)	<2.2.0-r12
L CVE-2024-34155	<2.2.0-r12
H Server-Side Request Forgery (SSRF)	<2.2.0-r10
L GHSA-8hc4-vh64-cxmj	<2.2.0-r10
H Resource Exhaustion	<2.2.0-r9
L GHSA-mpg4-rc92-vx8v	<2.2.0-r9
L CVE-2024-5321	<2.2.0-r8
L GHSA-82m2-cv7p-4m75	<2.2.0-r8
L GHSA-jfmj-5v4g-7637	<2.2.0-r7
L Loop with Unreachable Exit Condition ('Infinite Loop')	<2.2.0-r7
L GHSA-248v-346w-9cwc	<2.2.0-r6
H Insufficient Verification of Data Authenticity	<2.2.0-r6
L CVE-2024-24791	<2.2.0-r5
L GHSA-hw49-2p59-3mhj	<2.2.0-r5
L GHSA-3h5v-q93c-6h6q	<2.2.0-r4
L CVE-2024-37890	<2.2.0-r4
L GHSA-34jh-p97f-mpxf	<2.2.0-r4
L CVE-2024-37891	<2.2.0-r4
L GHSA-8cfg-vx93-jvxw	<2.2.0-r3
M Information Exposure Through Log Files	<2.2.0-r3
L GHSA-9wx4-h78v-vm56	<2.2.0-r2
L CVE-2024-35195	<2.2.0-r2
L GHSA-33c5-9fx5-fvjm	<2.1.0-r0
M Open Redirect	<2.1.0-r0
L GHSA-jjg7-2v4v-x38h	<2.1.0-r0
H Inefficient Regular Expression Complexity	<2.1.0-r0
L GHSA-pxhw-596r-rwq5	<2.0.5-r7
L CVE-2024-3177	<2.0.5-r7
L CVE-2023-45288	<2.0.5-r7
L GHSA-4v7x-pqxf-cx7m	<2.0.5-r7
H Improper Input Validation	<2.0.5-r5
L GHSA-q78c-gwqw-jcmc	<2.0.5-r5
L GHSA-cxjh-pqwp-8mfp	<2.0.5-r5
L CVE-2024-24786	<2.0.5-r5
L GHSA-8r3f-844c-mc37	<2.0.5-r5
L CVE-2024-28849	<2.0.5-r5
L CVE-2023-45290	<2.0.5-r4
L GHSA-3q2c-pvp5-3cqp	<2.0.5-r4
L GHSA-32ch-6x54-q4h9	<2.0.5-r4
L CVE-2024-24785	<2.0.5-r4
L GHSA-rr6r-cfgf-gc6h	<2.0.5-r4
L GHSA-fgq5-q76c-gx78	<2.0.5-r4
L CVE-2024-24784	<2.0.5-r4
L CVE-2023-45289	<2.0.5-r4
L CVE-2024-24783	<2.0.5-r4
L GHSA-j6m3-gc37-6r6q	<2.0.5-r4
L GHSA-6vqw-3v5j-54x4	<2.0.5-r3
H NULL Pointer Dereference	<2.0.5-r3
L GHSA-9v9h-cgj8-h64p	<2.0.5-r3
M CVE-2024-0727	<2.0.5-r3
L GHSA-3ww4-gg4f-jr7f	<2.0.5-r3
H Information Exposure	<2.0.5-r3
L GHSA-jchw-25xp-jwwc	<2.0.5-r2
M Open Redirect	<2.0.5-r2
M Improper Validation of Integrity Check Value	<2.0.5-r1
L GHSA-45x7-px36-x8w8	<2.0.5-r1

Vulnerability

Vulnerable Version

GHSA-p84v-gxvw-73pf

<2.14.3-r3