mlflow vulnerabilities

Known vulnerabilities in the mlflow package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Server-side Request Forgery (SSRF)	[,3.0.0)
M Missing Input Length Validation	[,2.21.0)
H Allocation of Resources Without Limits or Throttling	[,3.1.1)
M Weak Password Requirements	[,2.19.0rc0)
H Cross-site Request Forgery (CSRF)	[,2.20.2)
H Relative Path Traversal	[,2.17.0rc0)
H Time-of-check Time-of-use (TOCTOU) Race Condition	[,2.16.0)
H Arbitrary Code Injection	[,2.15.0)
M Undefined Behavior	[,2.11.3)
H Improper Access Control	[,2.11.3)
C Remote Code Execution (RCE)	[,2.9.0)
H Deserialization of Untrusted Data	[1.27.0,)
H Deserialization of Untrusted Data	[0.5.0,)
H Improper Control of Generation of Code ('Code Injection')	[1.11.0,)
H Deserialization of Untrusted Data	[2.5.0,)
H Deserialization of Untrusted Data	[2.0.0rc0,)
H Deserialization of Untrusted Data	[1.23.0,)
H Deserialization of Untrusted Data	[1.24.0,)
H Deserialization of Untrusted Data	[1.1.0,)
H Deserialization of Untrusted Data	[0.9.0,)
H Path Traversal	[,2.11.2)[2.12.0,2.12.1)
M Improper Access Control	[,2.12.1)
H Path Traversal	[,2.12.1)
H Path Traversal	[,2.13.0)
H Path Traversal	[,2.11.3)
H Path Traversal	[,2.11.3)
H Path Traversal	[,2.11.3)[2.12.0,2.12.1)
C Path Traversal	[,2.10.0)
M Cross-site Scripting (XSS)	[,2.10.0)
H Arbitrary Code Injection	[,2.10.0)
C Improper Access Control	[,2.9.2)
H Directory Traversal	[,2.9.2)
H Arbitrary File Read	[,2.10.0)
H Server-Side Request Forgery (SSRF)	[,2.9.2)
H Command Injection	[,2.9.2)
H Directory Traversal	[,2.9.2)
H Directory Traversal	[,2.9.2)
H Path Traversal	[,2.9.2)
C Improper Neutralization of Special Elements Used in a Template Engine	[,2.9.2)
M Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')	[,2.9.0)
M Information Exposure	[2.0.0,2.9.0)
C OS Command Injection	[,2.9.0)
C Use of GET Request Method With Sensitive Query Strings	[,2.8.0)
H Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')	[,2.8.1)
H Command Injection	[0,2.6.0)
C Directory Traversal	[2.2.0,2.5.0)
H Directory Traversal	[,2.4.1)
C Arbitrary File Read	[,2.3.0)
H Directory Traversal	[,2.0.0rc0)
C Relative Path Traversal	[,2.3.1)
C Access Restriction Bypass	[,2.3.1)
H Relative Path Traversal	[,2.3.1)
M Access Restriction Bypass	[,2.2.0)
C Improper Access Control	[,2.2.1)
H Insecure Temporary File	[,1.23.1)

Vulnerability

Vulnerable Version

Server-side Request Forgery (SSRF)

[,3.0.0)

Missing Input Length Validation

[,2.21.0)

Allocation of Resources Without Limits or Throttling

[,3.1.1)

Weak Password Requirements

[,2.19.0rc0)

Cross-site Request Forgery (CSRF)

[,2.20.2)

Relative Path Traversal

[,2.17.0rc0)

Time-of-check Time-of-use (TOCTOU) Race Condition

[,2.16.0)

Arbitrary Code Injection

[,2.15.0)

Undefined Behavior

[,2.11.3)

Improper Access Control

[,2.11.3)

Remote Code Execution (RCE)

[,2.9.0)

Deserialization of Untrusted Data

[1.27.0,)

Deserialization of Untrusted Data

[0.5.0,)

Improper Control of Generation of Code ('Code Injection')

[1.11.0,)

Deserialization of Untrusted Data

[2.5.0,)

Deserialization of Untrusted Data

[2.0.0rc0,)

Deserialization of Untrusted Data

[1.23.0,)

Deserialization of Untrusted Data

[1.24.0,)

Deserialization of Untrusted Data

[1.1.0,)

Deserialization of Untrusted Data

[0.9.0,)

Path Traversal

[,2.11.2)[2.12.0,2.12.1)

Improper Access Control

[,2.12.1)

[,2.12.1)

[,2.13.0)

[,2.11.3)

[,2.11.3)

[,2.11.3)[2.12.0,2.12.1)

Path Traversal

[,2.10.0)

Cross-site Scripting (XSS)

[,2.10.0)

Arbitrary Code Injection

[,2.10.0)

Improper Access Control

[,2.9.2)

Directory Traversal

[,2.9.2)

Arbitrary File Read

[,2.10.0)

Server-Side Request Forgery (SSRF)

[,2.9.2)

[,2.9.2)

[,2.9.2)

[,2.9.2)

[,2.9.2)

Improper Neutralization of Special Elements Used in a Template Engine

[,2.9.2)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

[,2.9.0)

Information Exposure

[2.0.0,2.9.0)

OS Command Injection

[,2.9.0)

Use of GET Request Method With Sensitive Query Strings

[,2.8.0)

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

[,2.8.1)

[0,2.6.0)

[2.2.0,2.5.0)

[,2.4.1)

[,2.3.0)

[,2.0.0rc0)

Relative Path Traversal

[,2.3.1)

Access Restriction Bypass

[,2.3.1)

Relative Path Traversal

[,2.3.1)

Access Restriction Bypass

[,2.2.0)

Improper Access Control

[,2.2.1)

Insecure Temporary File

[,1.23.1)

Package versions

155 VERSIONS IN TOTAL See all versions

version	published	direct vulnerabilities
3.4.0	17 Sep, 2025	0 C 9 H 0 M 0 L
3.4.0rc0	12 Sep, 2025	0 C 9 H 0 M 0 L
3.3.2	27 Aug, 2025	0 C 9 H 0 M 0 L
3.3.1	20 Aug, 2025	0 C 9 H 0 M 0 L
3.3.0	19 Aug, 2025	0 C 9 H 0 M 0 L
3.3.0rc0	13 Aug, 2025	0 C 9 H 0 M 0 L
3.2.0	5 Aug, 2025	0 C 9 H 0 M 0 L
3.2.0rc0	29 Jul, 2025	0 C 9 H 0 M 0 L
3.1.4	23 Jul, 2025	0 C 9 H 0 M 0 L
3.1.3	22 Jul, 2025	0 C 9 H 0 M 0 L

mlflow vulnerabilities

MLflow is an open source platform for the complete machine learning lifecycle

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities

How to fix?

Package versions