Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| mlflow | mlflow/mlflow | affected |
|
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2023-0161 | OS Command Injection in GitHub repository mlflow/mlflow prior to 2.6.0. |
 Github GHSA |
GHSA-ffw3-6378-cqgp | mlflow vulnerable to OS Command Injection |
Tue, 15 Oct 2024 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Mlflow
Mlflow mlflow |
|
| CPEs | cpe:2.3:a:mlflow:mlflow:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Mlflow
Mlflow mlflow |
|
| Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: @huntrdev
Published:
Updated: 2024-10-15T14:13:34.900Z
Reserved: 2023-08-01T00:00:07.140Z
Link: CVE-2023-4033
Vulnrichment
Updated: 2024-08-02T07:17:11.026Z
NVD
Status : Modified
Published: 2023-08-01T01:15:10.913
Modified: 2024-11-21T08:34:15.977
Link: CVE-2023-4033
Redhat
No data.
OpenCVE Enrichment
No data.