Low osv · GHSA-hvc6-42vf-jhf8

mlflow Command Injection vulnerability

Published Dec 19, 2023 CVSS 3.1

with only one user interaction(download a malicious config), attackers can gain full command execution on the victim system.

Remote Code Execution

mlflow

Get the weekly digest. Every Monday: top AI security stories of the week. Free.