CVE Catalog

CVE-2025-15031

CriticalCVSS 9.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
0.85%

54th percentile - higher than 54% of all known CVEs

Summary

A vulnerability in MLflow's pyfunc extraction process allows arbitrary file writes due to improper handling of tar archive entries. The use of `tarfile.extractall` without path validation enables crafted tar.gz files containing `..` or absolute paths to escape the intended extraction directory.

Risk Assessment

The risk for the organization includes arbitrary file overwrites and potential remote code execution, especially in multi-tenant environments or when ingesting untrusted artifacts.

Recommendation

It is recommended to immediately update MLflow to a patched version and implement path validation in the tar archive extraction process.

Original NVD description (English source)

A vulnerability in MLflow's pyfunc extraction process allows for arbitrary file writes due to improper handling of tar archive entries. Specifically, the use of `tarfile.extractall` without path validation enables crafted tar.gz files containing `..` or absolute paths to escape the intended extraction directory. This issue affects the latest version of MLflow and poses a high/critical risk in scenarios involving multi-tenant environments or ingestion of untrusted artifacts, as it can lead to arbitrary file overwrites and potential remote code execution.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS