Auth Bypass
91 entries
Every Auth Bypass entry VulnWatch has indexed, sorted by publication date.
Subscribe to this tag's RSS feed
Mlflow: Command Injection when serving models with enable_mlserver=True
A command injection vulnerability exists in Mlflow when serving a model with `enable_mlserver=True`. The `model_uri` is embedded directly into a shell command executed via `bash -c` without proper san...
langflow: /profile_pictures/{folder_name}/{file_name} endpoint file reading
## Vulnerability ### Path Traversal in `GET /api/v1/files/profile_pictures/{folder_name}/{file_name}` The `download_profile_picture` function in `src/backend/base/langflow/api/v1/files.py` construct...
MLflow Use of Default Password Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within...
MLflow Weak Password Requirements Authentication Bypass Vulnerability
MLflow Weak Password Requirements Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not re...
llama-index has Insecure Temporary File
The llama_index library version 0.12.33 sets the NLTK data directory to a subdirectory of the codebase by default, which is world-writable in multi-user environments. This configuration allows local u...
vLLM is vulnerable to timing attack at bearer auth
### Summary The API key support in vLLM performed validation using a method that was vulnerable to a timing attack. This could potentially allow an attacker to discover a valid API key using an approa...
Ollama vulnerable to Cross-Domain Token Exposure
Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-...
PYSEC-2025-147
Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-...
LiteLLM Has an Improper Authorization Vulnerability
An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role 'internal_user_viewer' logs into the application, they are provided with an over...
PYSEC-2025-118
Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Gradio's Access Control List (ACL) f...
Gradio Blocked Path ACL Bypass Vulnerability
## Summary Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or directory path. This vulnerability arises due to the lack of case normali...
MLflow's excessive directory permissions allow local privilege escalation
Excessive directory permissions in MLflow leads to local privilege escalation when using spark_udf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU at...
PYSEC-2024-224
Excessive directory permissions in MLflow leads to local privilege escalation when using spark_udf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU at...
litellm vulnerable to improper access control in team management
berriai/litellm version 1.34.34 is vulnerable to improper access control in its team management functionality. This vulnerability allows attackers to perform unauthorized actions such as creating, upd...
MLflow allows low privilege users to delete any artifact
A broken access control vulnerability exists in mlflow/mlflow versions before 2.10.1, where low privilege users with only EDIT permissions on an experiment can delete any artifacts. This issue arises...
PYSEC-2024-51
A broken access control vulnerability exists in mlflow/mlflow versions before 2.10.1, where low privilege users with only EDIT permissions on an experiment can delete any artifacts. This issue arises...