CVE-2025-15031

HIGH

Path Traversal Vulnerability in mlflow/mlflow

Title source: cna

Description

A vulnerability in MLflow's pyfunc extraction process allows for arbitrary file writes due to improper handling of tar archive entries. Specifically, the use of `tarfile.extractall` without path validation enables crafted tar.gz files containing `..` or absolute paths to escape the intended extraction directory. This issue affects the latest version of MLflow and poses a high/critical risk in scenarios involving multi-tenant environments or ingestion of untrusted artifacts, as it can lead to arbitrary file overwrites and potential remote code execution.

References (1)

Core 1

Core References

https://huntr.com/bounties/09856f77-f968-446f-a930-657d126efe4e

Scores

CVSS v3 8.1

EPSS 0.0033

EPSS Percentile 56.2%

Attack Vector ADJACENT_NETWORK

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-22

Status published

Products (2)

mlflow/mlflow/mlflow unspecified - latest

pypi/mlflow 0 - 3.9.0rc0PyPI

Published Mar 18, 2026

Tracked Since Mar 19, 2026