BIT-mlflow-2025-15036

Import Source
https://github.com/bitnami/vulndb/tree/main/data/mlflow/BIT-mlflow-2025-15036.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-mlflow-2025-15036
Aliases
Published
2026-04-29T08:45:20.718Z
Modified
2026-04-29T09:26:25.306707067Z
Summary
Path Traversal Vulnerability in mlflow/mlflow
Details

A path traversal vulnerability exists in the extract_archive_to_dir function in mlflow/pyfunc/dbconnect_artifact_cache.py in the mlflow/mlflow repository. The details text places the flaw in versions before v3.7.0 (the affected range recorded below lists 3.9.0 as the fixed version). The function does not validate tar member paths before extraction, so a member whose name contains ../ components or an absolute path is written outside the intended destination directory. An attacker who controls the tar.gz file being extracted can overwrite arbitrary files writable by the MLflow process, escape the sandbox directory, and, per the advisory, potentially gain elevated privileges; the impact is greatest in multi-tenant or shared cluster environments where the extraction runs with broader permissions than the tenant supplying the archive.
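
The example below is added here to illustrate the bug class; it is not MLflow's code and is not taken from this advisory. It puts an extraction loop that trusts tar member names beside a hardened version that validates every member before writing the first byte, and runs both against archives constructed in memory. The member names (../escaped.txt, /tmp/abs.txt, a symlink named link), the sandbox layout under a temporary directory and the UnsafeArchiveMember exception are assumptions for illustration.

```python
import io
import os
import tarfile
import tempfile


class UnsafeArchiveMember(ValueError):
    """Raised when a tar member would write or point outside the destination."""


def build_archive(files, symlinks=None):
    """Build an in-memory tar.gz from {name: bytes} plus optional {name: linkname}
    symlink members. Constructed sample input for this example only."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name=name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        for name, linkname in (symlinks or {}).items():
            info = tarfile.TarInfo(name=name)
            info.type = tarfile.SYMTYPE
            info.linkname = linkname
            tar.addfile(info)
    return buf.getvalue()


def extract_unchecked(archive, dest):
    """The vulnerable pattern: member.name is trusted, so a name such as '../x'
    resolves outside dest. Illustration of the bug class, not MLflow's code."""
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:gz") as tar:
        for member in tar.getmembers():
            target = os.path.join(dest, member.name)
            if member.isdir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with tar.extractfile(member) as src, open(target, "wb") as dst:
                dst.write(src.read())


def _checked_target(member, dest_real):
    """Resolve one member against dest_real, raising on anything that could escape."""
    name = member.name
    if os.path.isabs(name) or name.startswith(("/", "\\")):
        raise UnsafeArchiveMember(f"absolute member path: {name!r}")
    target = os.path.realpath(os.path.join(dest_real, name))
    if os.path.commonpath([dest_real, target]) != dest_real:
        raise UnsafeArchiveMember(f"member escapes destination: {name!r}")
    if member.issym() or member.islnk():
        # A link inside dest that points outside it turns later writes into an
        # escape; an artifact cache has no need for links, so reject them outright.
        raise UnsafeArchiveMember(f"link member rejected: {name!r}")
    if not (member.isfile() or member.isdir()):
        raise UnsafeArchiveMember(f"special file rejected: {name!r}")
    return target


def extract_checked(archive, dest):
    """Hardened extraction: validate every member, then write; a rejected archive
    leaves no partial extraction behind."""
    dest_real = os.path.realpath(dest)
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:gz") as tar:
        members = tar.getmembers()
        targets = [_checked_target(m, dest_real) for m in members]
        for member, target in zip(members, targets):
            if member.isdir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with tar.extractfile(member) as src, open(target, "wb") as dst:
                dst.write(src.read())


def demo():
    """Run both extractors against constructed archives and report what each did."""
    benign = build_archive({"model/MLmodel": b"flavor: python_function\n"})
    traversal = build_archive({"../escaped.txt": b"owned\n"})
    absolute = build_archive({"/tmp/abs.txt": b"owned\n"})
    symlink = build_archive({}, symlinks={"link": "../../outside"})
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        sandbox = os.path.join(tmp, "sandbox")
        os.makedirs(sandbox)
        # The unchecked loop is only ever pointed at the traversal archive here,
        # so the escape stays inside the temporary directory.
        extract_unchecked(traversal, sandbox)
        results["unchecked_escaped"] = os.path.exists(os.path.join(tmp, "escaped.txt"))
        for label, archive in (("traversal", traversal), ("absolute", absolute),
                               ("symlink", symlink)):
            try:
                extract_checked(archive, sandbox)
                results[label + "_rejected"] = False
            except UnsafeArchiveMember:
                results[label + "_rejected"] = True
        extract_checked(benign, sandbox)
        results["benign_extracted"] = os.path.isfile(
            os.path.join(sandbox, "model", "MLmodel"))
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The checked version resolves each name with os.path.realpath and requires os.path.commonpath to land on the destination, which catches ../ segments, absolute names and names that normalize to the parent. Link members are rejected rather than resolved because a symlink written first and a file written through it second is the other classic escape. On Python 3.12 and later (and the 3.8.17, 3.9.17, 3.10.12 and 3.11.4 security backports) the standard library offers the same class of protection through TarFile.extractall(path, filter="data"), which is the simpler choice when the interpreter version permits it.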

Database specific
{
    "cpes": [
        "cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*"
    ],
    "severity": "Critical"
}
References

Affected packages

Bitnami / mlflow

Package

Name
mlflow
Purl
pkg:bitnami/mlflow

Severity

  • 10.0 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected ranges

Type
SEMVER
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
3.9.0

Database specific

source
"https://github.com/bitnami/vulndb/tree/main/data/mlflow/BIT-mlflow-2025-15036.json"