CVE-2025-14279

Source
https://cve.org/CVERecord?id=CVE-2025-14279
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-14279.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-14279
Aliases
Published
2026-01-12T08:15:58.607Z
Modified
2026-07-15T01:48:52.956606851Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N CVSS Calculator
Summary
DNS Rebinding Vulnerability in mlflow/mlflow
Details

MLFlow versions up to and including 3.4.0 are vulnerable to DNS rebinding attacks due to a lack of Origin header validation in the MLFlow REST server. This vulnerability allows malicious websites to bypass Same-Origin Policy protections and execute unauthorized calls against REST endpoints. An attacker can query, update, and delete experiments via the affected endpoints, leading to potential data exfiltration, destruction, or manipulation. The issue is resolved in version 3.5.0.

Database specific
{
    "cna_assigner": "@huntr_ai",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/14xxx/CVE-2025-14279.json",
    "cwe_ids": [
        "CWE-346"
    ]
}
References

Affected packages

Git / github.com/mlflow/mlflow

Affected ranges

Type
GIT
Repo
https://github.com/mlflow/mlflow
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Database specific
{
    "cpe": "cpe:2.3:a:lfprojects:mlflow:*:-:*:*:*:*:*:*",
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.5.0"
        }
    ]
}

Affected versions

1.*
1.0.0
Other
nightly
v0.*
v0.2.0
v0.2.1
v0.3.0
v0.4.0
v0.4.1
v0.4.2
v0.5.0
v0.6.0
v0.7
v0.8.0
v0.8.1
v1.*
v1.7.0
v2.*
v2.2.0
v3.*
v3.0.0
v3.5.0rc0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-14279.json"