kubeflow-pipelines vulnerabilities

Known vulnerabilities in the kubeflow-pipelines package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H Server-Side Request Forgery (SSRF)	<2.2.0-r10
L GHSA-8hc4-vh64-cxmj	<2.2.0-r10
L GHSA-mpg4-rc92-vx8v	<2.2.0-r9
H Resource Exhaustion	<2.2.0-r9
L CVE-2024-5321	<2.2.0-r8
L GHSA-82m2-cv7p-4m75	<2.2.0-r8
L Resource Exhaustion	<2.2.0-r7
L GHSA-jfmj-5v4g-7637	<2.2.0-r7
L GHSA-248v-346w-9cwc	<2.2.0-r6
L CVE-2024-39689	<2.2.0-r6
L CVE-2024-24791	<2.2.0-r5
L GHSA-hw49-2p59-3mhj	<2.2.0-r5
L CVE-2024-37890	<2.2.0-r4
L GHSA-3h5v-q93c-6h6q	<2.2.0-r4
L CVE-2024-37891	<2.2.0-r4
L GHSA-34jh-p97f-mpxf	<2.2.0-r4
L GHSA-8cfg-vx93-jvxw	<2.2.0-r3
M Information Exposure Through Log Files	<2.2.0-r3
L GHSA-9wx4-h78v-vm56	<2.2.0-r2
L CVE-2024-35195	<2.2.0-r2
H CVE-2024-3651	<2.1.0-r0
L GHSA-jjg7-2v4v-x38h	<2.1.0-r0
L GHSA-4v7x-pqxf-cx7m	<2.0.5-r7
L CVE-2023-45288	<2.0.5-r7
L GHSA-8r3f-844c-mc37	<2.0.5-r5
L CVE-2024-24786	<2.0.5-r5
L CVE-2024-28849	<2.0.5-r5
L GHSA-cxjh-pqwp-8mfp	<2.0.5-r5
L GHSA-32ch-6x54-q4h9	<2.0.5-r4
L CVE-2024-24783	<2.0.5-r4
L CVE-2024-24785	<2.0.5-r4
L CVE-2024-24784	<2.0.5-r4
L GHSA-j6m3-gc37-6r6q	<2.0.5-r4
L GHSA-rr6r-cfgf-gc6h	<2.0.5-r4
L GHSA-3q2c-pvp5-3cqp	<2.0.5-r4
L CVE-2023-45289	<2.0.5-r4
L CVE-2023-45290	<2.0.5-r4
L GHSA-fgq5-q76c-gx78	<2.0.5-r4
L GHSA-6vqw-3v5j-54x4	<2.0.5-r3
L CVE-2024-26130	<2.0.5-r3
L GHSA-9v9h-cgj8-h64p	<2.0.5-r3
M CVE-2024-0727	<2.0.5-r3
L GHSA-3ww4-gg4f-jr7f	<2.0.5-r3
H Information Exposure	<2.0.5-r3
L GHSA-jchw-25xp-jwwc	<2.0.5-r2
M Open Redirect	<2.0.5-r2
M Improper Validation of Integrity Check Value	<2.0.5-r1
L GHSA-45x7-px36-x8w8	<2.0.5-r1

Vulnerability

Vulnerable Version

<2.2.0-r10

<2.2.0-r10

<2.2.0-r9

<2.2.0-r9

<2.2.0-r8