CVE-2025-15036

Severity: High (Red Hat)
CVSS v3 Base Score: 9.6
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS Score: 0.1% (exploitation probability in 30 days; top 85% most likely to be exploited)

Attack Characteristics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Confidentiality: High
Integrity: High
Availability: High
Published: March 30, 2026
Last Modified: March 30, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in mlflow. A path traversal vulnerability exists in the `extract_archive_to_dir` function, which is responsible for extracting archives. An attacker who can control the input tar.gz file can exploit this vulnerability due to insufficient validation of paths within the archive. This allows the attacker to overwrite arbitrary files, potentially leading to privilege escalation or escaping the intended sandbox environment in multi-tenant or shared cluster setups.
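The description above is the classic CWE-22 pattern for archive extraction: the extractor joins each member name onto the destination directory without checking where the result actually lands. The following is an added example, not code from mlflow, Red Hat or this advisory, showing the validation an extractor should perform before any member is written. It does not reproduce `extract_archive_to_dir`; the function names (`check_member`, `safe_extract`, `build_tar`, `demo`) and the in-memory archives are my own constructed fixtures. It rejects `..` traversal, absolute member names, symlinks and hard links whose target resolves outside the destination, and device or FIFO entries, and it validates every member before extracting anything so a bad entry late in the archive cannot leave a partial write behind.

```python
import io
import os
import tarfile
import tempfile


class UnsafeArchiveMember(ValueError):
    """A tar entry would write, link or create something outside the destination."""


def _stays_inside(dest_real: str, candidate: str) -> bool:
    # realpath collapses '..' and follows any symlinks that already exist on disk,
    # so this is the on-disk location the member would actually touch.
    real = os.path.realpath(candidate)
    return os.path.commonpath([dest_real, real]) == dest_real


def check_member(member: tarfile.TarInfo, dest_dir: str) -> None:
    """Reject any entry that could escape dest_dir; plain files and directories pass."""
    dest_real = os.path.realpath(dest_dir)
    if os.path.isabs(member.name):
        raise UnsafeArchiveMember(f"absolute member name: {member.name!r}")
    target = os.path.join(dest_real, member.name)
    if not _stays_inside(dest_real, target):
        raise UnsafeArchiveMember(f"path traversal in member name: {member.name!r}")
    if member.issym():
        # A symlink target is resolved relative to the directory holding the link.
        link = os.path.join(os.path.dirname(target), member.linkname)
        if not _stays_inside(dest_real, link):
            raise UnsafeArchiveMember(f"symlink escapes destination: {member.name!r}")
    elif member.islnk():
        # A hard link target is relative to the archive root.
        if not _stays_inside(dest_real, os.path.join(dest_real, member.linkname)):
            raise UnsafeArchiveMember(f"hard link escapes destination: {member.name!r}")
    elif member.isdev() or member.isfifo():
        raise UnsafeArchiveMember(f"special file not allowed: {member.name!r}")


def safe_extract(fileobj, dest_dir: str) -> list:
    """Validate every member first, then extract; nothing is written if any member fails."""
    os.makedirs(dest_dir, exist_ok=True)
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        members = tar.getmembers()
        for m in members:
            check_member(m, dest_dir)
        tar.extractall(dest_dir, members=members)
    return [m.name for m in members]


def build_tar(files=(), symlinks=()) -> io.BytesIO:
    """Constructed test fixture: an in-memory tar.gz from (name, bytes) and (name, linkname) pairs."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        for name, linkname in symlinks:
            info = tarfile.TarInfo(name)
            info.type = tarfile.SYMTYPE
            info.linkname = linkname
            tar.addfile(info)
    buf.seek(0)
    return buf


def demo() -> dict:
    """Run the checker against one benign archive and three constructed hostile ones."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        out = os.path.join(tmp, "out")
        benign = build_tar(files=[("model/MLmodel", b"flavors: {}\n")])
        results["benign"] = safe_extract(benign, out) == ["model/MLmodel"]
        hostile = {
            "dotdot": build_tar(files=[("../escaped.txt", b"x")]),
            "absolute": build_tar(files=[("/tmp/escaped.txt", b"x")]),
            "symlink": build_tar(symlinks=[("cfg", "/etc/passwd")]),
        }
        for label, archive in hostile.items():
            try:
                safe_extract(archive, out)
                results[label] = False  # extraction went ahead: the check failed
            except UnsafeArchiveMember:
                results[label] = True   # rejected before anything was written
        results["nothing_escaped"] = not os.path.exists(os.path.join(tmp, "escaped.txt"))
    return results


if __name__ == "__main__":
    print(demo())
```

Two points worth noting for anyone auditing an extractor. First, checking only `member.name` for `..` is not enough: a symlink or hard link entry with a harmless name can still point outside the destination, and a later regular file can then be written through it, so link targets must be resolved against the destination as well. Second, on Python 3.12 and later (and on patch releases that received the backport), `tarfile.extractall(dest, filter="data")` performs equivalent checks, rejecting absolute names, outside-destination paths and links, and special files; on older interpreters the explicit validation above is the defence.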

CWE

CWE-22

Affected Products

Red Hat OpenShift AI (RHOAI)

References