Known Vulnerabilities for products from Lfprojects
Listed below are 17 of the newest known vulnerabilities associated with the vendor "Lfprojects".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34742 json | The Go MCP SDK used Go's standard encoding/json. Prior to version 1.4.0, the Model Context Protocol (MCP) Go SDK does not ena... | Not Provided | 2026-04-02 | 2026-04-03 |
| CVE-2026-33946 json | MCP Ruby SDK is the official Ruby SDK for Model Context Protocol servers and clients. Prior to version 0.9.2, the Ruby SDK's ... | Not Provided | 2026-03-27 | 2026-04-02 |
| CVE-2026-27896 json | The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message parsing in versions prior to ... | Not Provided | 2026-02-26 | 2026-04-14 |
| CVE-2026-27735 json | Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). In mcp-serv... | Not Provided | 2026-02-26 | 2026-04-14 |
| CVE-2024-22194 json | 2.8 - LOW | 2024-01-11 | 2024-01-19 | |
| CVE-2023-38496 json | Apptainer is an open source container platform. Version 1.2.0-rc.2 introduced an ineffective privilege drop when requesting c... | 3.3 - LOW | 2023-07-25 | 2023-08-02 |
| CVE-2023-30549 json | Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through ve... | 7.8 - HIGH | 2023-04-25 | 2023-11-25 |
| CVE-2023-30172 json | A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to r... | 7.5 - HIGH | 2023-05-11 | 2023-05-22 |
| CVE-2023-23619 json | Modelina is a library for generating data models based on inputs such as AsyncAPI, OpenAPI, or JSON Schema documents. Version... | 8.8 - HIGH | 2023-01-26 | 2023-02-06 |
| CVE-2023-4033 json | OS Command Injection in GitHub repository mlflow/mlflow prior to 2.6.0. | 7.8 - HIGH | 2023-08-01 | 2023-08-04 |
| CVE-2023-3765 json | Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0. | 10 - CRITICAL | 2023-07-19 | 2023-07-28 |
| CVE-2023-2780 json | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1. | 9.8 - CRITICAL | 2023-05-17 | 2023-05-25 |
| CVE-2023-2356 json | Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1. | 7.5 - HIGH | 2023-04-28 | 2023-05-05 |
| CVE-2023-1177 json | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1. | 9.8 - CRITICAL | 2023-03-24 | 2023-11-02 |
| CVE-2023-1176 json | Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2. | 3.3 - LOW | 2023-03-24 | 2023-03-28 |
| CVE-2022-46397 json | FP.io VPP (Vector Packet Processor) 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates... | 7.5 - HIGH | 2023-03-28 | 2023-04-06 |
| CVE-2022-0736 json | Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1. | 7.5 - HIGH | 2022-02-23 | 2023-06-27 |