CVE-2025-15036
CriticalCVSS 10.0Exploitation Probability (EPSS)
Low risk44th percentile — higher than 44% of all known CVEs
Summary
A path traversal vulnerability exists in the `extract_archive_to_dir` function of the mlflow library before version 3.7.0. Lack of validation of tar member paths allows an attacker to overwrite arbitrary files or escalate privileges.
Risk Assessment
An attacker can overwrite critical system or configuration files, potentially leading to full application or server compromise in multi-tenant or shared cluster environments.
Recommendation
Immediately upgrade mlflow to version 3.7.0 or later. If upgrade is not possible, restrict access to tar.gz processing functions to trusted users only.
Original NVD description (English source)
A path traversal vulnerability exists in the `extract_archive_to_dir` function within the `mlflow/pyfunc/dbconnect_artifact_cache.py` file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member paths during extraction. An attacker with control over the tar.gz file can exploit this issue to overwrite arbitrary files or gain elevated privileges, potentially escaping the sandbox directory in multi-tenant or shared cluster environments.

