BIT-mlflow-2025-15031

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/mlflow/BIT-mlflow-2025-15031.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-mlflow-2025-15031
Aliases
Published
2026-03-24T08:47:14.572Z
Modified
2026-03-24T09:41:17.362431Z
Summary
Path Traversal Vulnerability in mlflow/mlflow
Details

A vulnerability in MLflow's pyfunc extraction process allows for arbitrary file writes due to improper handling of tar archive entries. Specifically, the use of tarfile.extractall without path validation enables crafted tar.gz files containing .. or absolute paths to escape the intended extraction directory. This issue affects the latest version of MLflow and poses a high/critical risk in scenarios involving multi-tenant environments or ingestion of untrusted artifacts, as it can lead to arbitrary file overwrites and potential remote code execution.

Database specific 
{
    "cpes": [
        "cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*"
    ],
    "severity": "Critical"
}
References

Affected packages

Bitnami / mlflow

Package

Name
mlflow
Purl
pkg:bitnami/mlflow

Severity

  • 9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
3.10.1

Database specific

source 
"https://github.com/bitnami/vulndb/tree/main/data/mlflow/BIT-mlflow-2025-15031.json"