Launch Week Day 1: Announcing Security Design Review

MLflow allowed arbitrary files to be PUT onto the server

GHSA-f798-qm4r-23r5 · BIT-mlflow-2023-6015 · CVE-2023-6015

Published Nov 16, 2023 · Modified Feb 16, 2024

Description

MLflow allowed arbitrary files to be PUT onto the server.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes