Weichen Xu

**Name of the Vulnerable Software and Affected Versions** MLflow (affected versions not specified) **Description** The issue concerns excessive directory permissions in MLflow, which can lead to local privilege escalation when using `spark udf`. This behavior can be exploited by a local attacker to gain elevated permissions by using a Time-of-Check-to-Time-of-Use (ToCToU) attack. The issue is only relevant when the `spark udf()` MLflow API is called. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** mlflow/mlflow version 2.11.0 **Description** A path traversal issue exists due to insufficient validation of the fragment portion of artifact URLs. An attacker can exploit this by inserting a '#' character into the URL fragment, allowing them to bypass validation and construct a URL that ignores the protocol scheme. This enables arbitrary file read, including sensitive information such as SSH and cloud keys, by manipulating the URL's conversion into a filesystem path. **Recommendations** For mlflow/mlflow version 2.11.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.