CVE-2025-8406

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-8406

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-8406.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-8406

Aliases

GHSA-q92x-2x5g-h365

Published

2025-10-05T09:15:31.767Z

Modified

2026-03-14T12:46:52.283187Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

ZenML version 0.83.1 is affected by a path traversal vulnerability in the PathMaterializer class. The load function uses is_path_within_directory to validate files during data.tar.gz extraction, which fails to effectively detect symbolic and hard links. This vulnerability can lead to arbitrary file writes, potentially resulting in arbitrary command execution if critical files are overwritten.

References

Affected packages

Git / github.com/zenml-io/zenml

Affected ranges

Type

GIT

Repo

https://github.com/zenml-io/zenml

Events

Introduced

e941c5eb6ba8899061e2849a4db66cfcb6c322a4

Fixed

d6264356408ead438626b0e2e75386f992234eaf

Fixed

5d22a48d7bf6c7f10b748577c2be79cc7969d398

Database specific

{
    "versions": [
        {
            "introduced": "0.83.1"
        },
        {
            "fixed": "0.84.2"
        }
    ]
}

Affected versions

0.*

0.83.1

0.84.0

0.84.1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-8406.json"