MLFlow - v2.3.1


MLflow 2.3.1 is a patch release containing bug fixes and a security patch for If you are using mlflow server or mlflow ui, we recommend upgrading to MLflow 2.3.1 as soon as possible.

Security patches:

  • [Security] Fix critical LFI attack vulnerability by disabling the ability to provide relative paths in registered model sources (#8281, @BenWilson2)

Bug fixes:

  • [Tracking] Fix an issue causing file and model uploads to hang on Databricks (#8348, @harupy)
  • [Tracking / Model Registry] Fix an issue causing file and model downloads to hang on Databricks (#8350, @dbczumar)
  • [Scoring] Fix regression in schema enforcement for model serving when using the inputs format for inference (#8326, @BenWilson2)
  • [Model Registry] Fix regression in model naming parsing where special characters were not accepted in model names (#8322, @arpitjasa-db)
  • [Recipes] Fix card rendering with the pandas profiler to handle columns containing all null values (#8263, @sunishsheth2009)


Security wording was detected, but no CVEs were found.


April 28, 2023, 9:17 a.m.
MLflow 2.3.1
Register or login to:
  • 🔍View and search all MLFlow releases.
  • 🛠️Create and share lists to track your tools.
  • 🚨Setup notifications for major, security, feature or patch updates.
  • 🚀Much more coming soon!
Continue with GitHub
Continue with Google