{"data":{"id":"ec919c62-1cd0-4b9b-ab0f-df1cbccb9b5e","title":"GHSA-m6w7-qv66-g3mf: BentoML Vulnerable to Arbitrary File Write via Symlink Path Traversal in Tar Extraction","summary":"BentoML's `safe_extract_tarfile()` function has a security flaw where it validates that symlink paths (links that point to other files) are within the extraction directory, but it doesn't validate where those symlinks actually point to. An attacker can create a malicious tar file with a symlink pointing outside the directory and follow it with a regular file, allowing them to write files anywhere on the system. This vulnerability has a CVSS score (a 0-10 rating of how severe a vulnerability is) of 8.1 (High).","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-m6w7-qv66-g3mf","publishedAt":"2026-03-03T17:46:47.000Z","cveId":"CVE-2026-27905","cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":["bentoml@< 1.4.36 (fixed: 1.4.36)"],"affectedVendors":[],"affectedVendorsRaw":["BentoML"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00006,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}