A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter.
{ "severity": "High", "cpes": [ "cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*" ] }