MLflow · MLflow · CVE-2025-52967
Name of the Vulnerable Software and Affected Versions:
MLflow versions prior to 3.1.0
Description:
The gateway proxy handler in MLflow does not validate the gateway path. This could potentially lead to exploitation.
Recommendations:
For versions prior to 3.1.0, update to version 3.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the gateway proxy handler until a patch is available.