CRITICAL🇵🇱 Wersja polska

CVE-2025-15031

CVSS 9.1v3.1pub. 2026-03-18upd. 2026-06-30

A vulnerability in MLflow's pyfunc extraction process allows for arbitrary file writes due to improper handling of tar archive entries. Specifically, the use of `tarfile.extractall` without path validation enables crafted tar.gz files containing `..` or absolute paths to escape the intended extraction directory. This issue affects the latest version of MLflow and poses a high/critical risk in scenarios involving multi-tenant environments or ingestion of untrusted artifacts, as it can lead to arbitrary file overwrites and potential remote code execution.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  • Lfprojects Mlflow

    APP
    Lfprojects
    ≤ 3.10.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEPath Traversal
CWE
References

Related vulnerabilities

CVE-2026-2651CRITICAL9.0PL ✓ten sam produkt

MLflow: nieautoryzowany dostęp do endpointów multipart upload (RCE)

CVE-2026-2611CRITICAL9.6PL ✓ten sam produkt

MLflow: nieprawidłowa walidacja origin umożliwia RCE przez cross-origin request

CVE-2026-0545CRITICAL9.8PL ✓ten sam produkt

Brak uwierzytelnienia w endpointach FastAPI jobs w MLflow (Auth Bypass / RCE)

CVE-2025-15379CRITICAL9.8PL ✓ten sam produkt

Command injection w MLflow podczas inicjalizacji kontenera modelu

CVE-2025-15036CRITICAL10.0PL ✓ten sam produkt

Path traversal w MLflow — nadpisanie plików i eskalacja uprawnień