CVE-2025-0453

Summary

In mlflow/mlflow version 2.17.2, the /graphql endpoint is vulnerable to a denial of service attack. An attacker can create large batches of queries that repeatedly request all runs from a given experiment. This can tie up all the workers allocated by MLFlow, rendering the application unable to respond to other requests. This vulnerability is due to uncontrolled resource consumption.

Affected Software

VendorProductVersion RangeStatus
mlflowmlflow/mlflowunspecified <= latestaffected

Weaknesses

  • CWE-410: CWE-410 Insufficient Resource Pool

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

Additional References

References