CVE-2025-8406
Published: 2025-10-05
Priority: P3 · 45 · high · 7.8 (CVSS 3.1)
EPSS: 0.33% (24.4th percentile)
ZenML version 0.83.1 is affected by a path traversal vulnerability in the `PathMaterializer` class. The `load` function uses `is_path_within_directory` to validate files during `data.tar.gz` extraction, which fails to effectively detect symbolic and hard links. This vulnerability can lead to arbitrary file writes, potentially resulting in arbitrary command execution if critical files are overwritten.
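The description above says the validator covered the member name but not where a symbolic or hard link points. The block below is an added example, not ZenML's code and not the corrected `is_path_within_directory` shipped in 0.84.2: it shows what a link-aware per-member check looks like for a `data.tar.gz`-style archive, and why the check has to run against the directory as it exists after each member is written rather than as a lexical pre-pass. The function names, the extraction root `artifact-root` and the archive contents are constructed for the demonstration.

```python
"""Link-aware tar extraction check (added example; not ZenML code)."""
import io
import os
import shutil
import tarfile
import tempfile
from pathlib import Path


class UnsafeTarMember(ValueError):
    """An archive member would write, or point, outside the extraction root."""


def _inside(base: Path, candidate: Path) -> bool:
    # resolve() follows symlinks that already exist on disk and normalises '..',
    # so the answer reflects what a write would really touch at extraction time.
    base_r, cand_r = base.resolve(), candidate.resolve()
    return cand_r == base_r or base_r in cand_r.parents


def check_member(member: tarfile.TarInfo, base: Path) -> str:
    """Return the member kind if it is safe to extract under `base`, else raise."""
    name = member.name
    if os.path.isabs(name) or ".." in Path(name).parts:
        raise UnsafeTarMember(f"absolute or parent-relative name {name!r}")
    dest = base / name
    if not _inside(base, dest):
        raise UnsafeTarMember(f"{name!r} resolves outside the extraction root")
    if member.issym():
        # A symlink target is interpreted relative to the link's own directory.
        target = Path(member.linkname)
        if not target.is_absolute():
            target = dest.parent / target
        if not _inside(base, target):
            raise UnsafeTarMember(f"symlink {name!r} -> {member.linkname!r} leaves the root")
        return "symlink"
    if member.islnk():
        # A hard-link target is another member name, i.e. relative to the archive root.
        target = Path(member.linkname)
        if target.is_absolute() or not _inside(base, base / target):
            raise UnsafeTarMember(f"hard link {name!r} -> {member.linkname!r} leaves the root")
        return "hardlink"
    if member.isdir():
        return "dir"
    if member.isfile():
        return "file"
    raise UnsafeTarMember(f"{name!r}: device, FIFO or unknown member type")


def audit_archive(data: bytes, base: str = "artifact-root") -> dict[str, str]:
    """Dry-run verdict per member (lexical; safe_extract adds the on-disk check)."""
    root, verdicts = Path(base), {}
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:gz") as tar:
        for member in tar.getmembers():
            try:
                verdicts[member.name] = check_member(member, root)
            except UnsafeTarMember as exc:
                verdicts[member.name] = f"rejected: {exc}"
    return verdicts


def safe_extract(tar: tarfile.TarFile, base: Path) -> None:
    """Check each member against the tree as left by the previous members, so a
    symlink planted by member N cannot redirect the file written by member N+1.
    Fails closed on the first bad member."""
    base.mkdir(parents=True, exist_ok=True)
    # Stdlib 'data' filter as a second layer where the interpreter has it (3.12+ and backports).
    kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    for member in tar:
        check_member(member, base)
        tar.extract(member, path=base, set_attrs=False, **kwargs)


def try_extract(data: bytes) -> str:
    """Extract into a throwaway directory; return 'ok' or the rejection reason."""
    root = Path(tempfile.mkdtemp(prefix="safe-extract-"))
    try:
        with tarfile.open(fileobj=io.BytesIO(data), mode="r:gz") as tar:
            safe_extract(tar, root)
        return "ok"
    except UnsafeTarMember as exc:
        return f"rejected: {exc}"
    finally:
        shutil.rmtree(root, ignore_errors=True)


def build_sample_archive() -> bytes:
    """Constructed archive: two legitimate members, then three that a name-only
    check passes but a link-aware check must reject."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        payload = b"weights"
        info = tarfile.TarInfo("data/model.bin")
        info.size = len(payload)
        tar.addfile(info, io.BytesIO(payload))
        for name, kind, linkname in [
            ("data/latest", tarfile.SYMTYPE, "model.bin"),               # stays under data/
            ("data/escape", tarfile.SYMTYPE, "../../../../etc/passwd"),  # symlink out of the root
            ("data/hard", tarfile.LNKTYPE, "../outside.txt"),            # hard link out of the root
        ]:
            link = tarfile.TarInfo(name)
            link.type, link.linkname = kind, linkname
            tar.addfile(link)
        tar.addfile(tarfile.TarInfo("../../etc/cron.d/job"))             # plain '..' in the name
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample_archive()
    for name, verdict in audit_archive(sample).items():
        print(f"{name:24s} {verdict}")
    print("extraction:", try_extract(sample))
```

`audit_archive` is enough to show the verdicts, but only `safe_extract` is a real control: it validates each member after the previous ones have hit disk, which is what turns the symlink cases from a naming question into a filesystem one.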
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zenml-io | zenml-io_zenml | >= unspecified < 0.84.2 | 0.84.2 |
| zenml | zenml | >= 0.81.0 < 0.84.2 | 0.84.2 |
| zenml | zenml | >= 0.83.1 < 0.84.2 | 0.84.2 |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | 3.0 | 6.3 | MEDIUM | CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H |
OSV
osv · 2025-10-05
CVE-2025-8406 [MEDIUM] ZenML is vulnerable to Path Traversal through its `PathMaterializer` class
GHSA
ghsa · 2025-10-05
CVE-2025-8406 [MEDIUM] CWE-22 ZenML is vulnerable to Path Traversal through its `PathMaterializer` class
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.