Safety vulnerability ID: 74438
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Affected versions of MLflow are vulnerable to Incorrect Default Permissions (CWE-276). During installation, file permissions are set to allow any user to modify installed files, enabling unauthorized users to alter MLflow’s functionality or execute arbitrary code. This vulnerability can be exploited by local attackers with system access to compromise the integrity and security of the MLflow deployment.
Latest version: 2.19.0
MLflow is an open source platform for the complete machine learning lifecycle
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application