{"data":{"id":"da5f1e01-daf1-4b17-8f1c-e4f037d9db37","title":"CVE-2025-15036: A path traversal vulnerability exists in the `extract_archive_to_dir` function within the `mlflow/pyfunc/dbconnect_artif","summary":"A path traversal vulnerability (a security flaw where an attacker uses special path names like '../' to access files outside intended directories) exists in MLflow's `extract_archive_to_dir` function, which does not validate the member paths inside a tar.gz archive before extracting it, so entries containing '../' sequences can be written outside the destination directory. An attacker who controls the tar.gz file can overwrite arbitrary files reachable by the extracting process or escape sandbox restrictions (isolated environments that limit what code can access) in shared computing environments. Any archive passed to this function should be treated as attacker-controlled until the fixed version is deployed.","solution":"Update to mlflow version v3.7.0 or later.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-15036","publishedAt":"2026-03-30T02:16:14.413Z","cveId":"CVE-2025-15036","cweIds":["CWE-29"],"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["MLflow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-03-30T02:16:14.413Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality","availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":["AML.T0010"]}}