Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

zenml-io — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting zenml-io. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ZenML is an open-source MLOps platform enabling end-to-end machine learning pipeline orchestration. Historically, the project has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and insecure default configurations. While no major public security incidents have been documented, the 12 recorded CVEs highlight recurring issues in web application security and access control. The platform's complex architecture, integrating multiple components, has contributed to these vulnerabilities, emphasizing the need for rigorous security testing in MLOps environments.

Top products by zenml-io: zenml-io/zenml
CVE IDTitleCVSSSeverityPublished
CVE-2025-8406 Path Traversal in zenml-io/zenml — zenml-io/zenmlCWE-22 9.8AICriticalAI2025-10-05
CVE-2024-9340 Denial of Service (DoS) via Multipart Boundary in zenml-io/zenml — zenml-io/zenmlCWE-835 7.5 -2025-03-20
CVE-2024-4311 Lack of login attempt rate-limiting in zenml-io/zenml — zenml-io/zenmlCWE-770 9.8 -2024-11-14
CVE-2024-5062 Reflected XSS through survey redirect parameter in zenml-io/zenml — zenml-io/zenmlCWE-79 6.1AIMediumAI2024-06-30
CVE-2024-4680 Insufficient Session Expiration in zenml-io/zenml — zenml-io/zenmlCWE-613 9.1 -2024-06-08
CVE-2024-2032 Race Condition Vulnerability in zenml-io/zenml — zenml-io/zenmlCWE-366 5.9AIMediumAI2024-06-06
CVE-2024-2035 Improper Authorization in zenml-io/zenml — zenml-io/zenmlCWE-862 8.1AIHighAI2024-06-06
CVE-2024-2171 Stored XSS in zenml-io/zenml — zenml-io/zenmlCWE-79 5.4AIMediumAI2024-06-06
CVE-2024-2213 Improper Authentication in zenml-io/zenml — zenml-io/zenmlCWE-620 8.8AIHighAI2024-06-06
CVE-2024-2383 Clickjacking Vulnerability in zenml-io/zenml — zenml-io/zenmlCWE-1021 5.4AIMediumAI2024-06-06
CVE-2024-2083 Directory Traversal in zenml-io/zenml — zenml-io/zenmlCWE-29 7.5 -2024-04-16
CVE-2024-2260 Session Fixation Vulnerability in zenml-io/zenml — zenml-io/zenmlCWE-384 8.8 -2024-04-16

This page lists every published CVE security advisory associated with zenml-io. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.