CVE-2025-15036

Source
https://cve.org/CVERecord?id=CVE-2025-15036
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-15036.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-15036
Aliases
Published
2026-03-30T01:16:06.400Z
Modified
2026-07-16T03:30:58.054946832Z
Severity
  • 9.6 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVSS Calculator
Summary
Path Traversal Vulnerability in mlflow/mlflow
Details

A path traversal vulnerability exists in the extract_archive_to_dir function within the mlflow/pyfunc/dbconnect_artifact_cache.py file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member paths during extraction. An attacker with control over the tar.gz file can exploit this issue to overwrite arbitrary files or gain elevated privileges, potentially escaping the sandbox directory in multi-tenant or shared cluster environments.

Database specific
{
    "cwe_ids": [
        "CWE-29"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/15xxx/CVE-2025-15036.json",
    "cna_assigner": "@huntr_ai"
}
References

Affected packages

Git / github.com/mlflow/mlflow

Affected ranges

Type
GIT
Repo
https://github.com/mlflow/mlflow
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Database specific
{
    "cpe": "cpe:2.3:a:lfprojects:mlflow:*:-:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.9.0"
        }
    ],
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ]
}

Affected versions

1.*
1.0.0
Other
nightly
v0.*
v0.2.0
v0.2.1
v0.3.0
v0.4.0
v0.4.1
v0.4.2
v0.5.0
v0.6.0
v0.7
v0.8.0
v0.8.1
v1.*
v1.7.0
v2.*
v2.2.0
v3.*
v3.0.0
v3.9.0rc0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-15036.json"