Vulnerability Details CVE-2025-14287
A command injection vulnerability exists in mlflow/mlflow versions before v3.7.0, specifically in the `mlflow/sagemaker/__init__.py` file at lines 161-167. A user-supplied container image name is interpolated directly into a shell command string without sanitization, and that string is then executed with `os.system()`. Because the string is handed to a shell, metacharacters in the image name (for example `;`, `&&`, `$(...)`) are interpreted as command separators, so an attacker who controls the value passed to the CLI's `--container` parameter can execute arbitrary commands with the privileges of the MLflow process. The issue affects any environment in which that CLI is invoked with attacker-influenced arguments, including development setups, CI/CD pipelines, and cloud deployments.
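The following is an added illustration of the flaw class described above, written for this page and not taken from the MLflow code base: a `docker tag` command built by string interpolation and handed to a shell (the vulnerable shape), next to a hardened version that validates the image reference against a conservative pattern and invokes Docker through an argument vector with no shell at all. The regex, the function names, and the `runner` injection point are assumptions made for the example; the sample image names are constructed.

```python
"""Before/after for shell interpolation of a container image name.

Added example for CVE-2025-14287's bug class; this is not MLflow's code.
"""
import re
import shlex
import subprocess
from typing import Callable, List

# Assumed: a conservative subset of the Docker image reference grammar,
# registry[:port]/path[:tag][@sha256:digest]. Anything outside it is rejected.
# Lowercase-only repository components match Docker's own restriction.
_IMAGE_RE = re.compile(
    r"^(?:[a-z0-9]+(?:[._-][a-z0-9]+)*(?::[0-9]+)?/)?"  # optional registry[:port]/
    r"[a-z0-9]+(?:[._-][a-z0-9]+)*"                      # first path component
    r"(?:/[a-z0-9]+(?:[._-][a-z0-9]+)*)*"                # further path components
    r"(?::[A-Za-z0-9_][A-Za-z0-9_.-]{0,127})?"           # optional :tag
    r"(?:@sha256:[a-f0-9]{64})?$"                        # optional @digest
)


def vulnerable_tag_command(image: str, fullname: str) -> str:
    """The vulnerable shape: untrusted `image` is interpolated into one shell
    string. Whatever this returns would be passed to os.system()/sh -c, so a
    value such as 'x; id #' turns into two commands."""
    return f"docker tag {image} {fullname}"


def quoted_tag_command(image: str, fullname: str) -> str:
    """Minimal mitigation if a shell string is unavoidable: shlex.quote makes
    the whole value a single shell word, so metacharacters lose their meaning.
    Still inferior to dropping the shell entirely (see safe_tag_argv)."""
    return f"docker tag {shlex.quote(image)} {shlex.quote(fullname)}"


def validate_image_name(image: str) -> str:
    """Allow-list check: reject anything that is not a plausible image reference."""
    if not _IMAGE_RE.match(image):
        raise ValueError(f"invalid container image reference: {image!r}")
    return image


def safe_tag_argv(image: str, fullname: str) -> List[str]:
    """Hardened shape: validated inputs, passed as argv with shell=False.
    Each element becomes exactly one argument to the docker binary; there is
    no shell to reinterpret ';' or '$(...)'."""
    return ["docker", "tag", validate_image_name(image), validate_image_name(fullname)]


def run_tag(image: str, fullname: str,
            runner: Callable[..., object] = subprocess.run) -> object:
    """Execute the hardened command. `runner` is injectable so the example can
    be exercised without a Docker daemon present."""
    return runner(safe_tag_argv(image, fullname), check=True)  # shell defaults to False


def demo() -> dict:
    """Show the three forms side by side for a constructed malicious input."""
    evil = "myimage; id #"
    full = "123456789012.dkr.ecr.us-east-1.amazonaws.com/myimage:1.0"
    out = {
        "vulnerable": vulnerable_tag_command(evil, full),
        "quoted": quoted_tag_command(evil, full),
    }
    try:
        safe_tag_argv(evil, full)
        out["validated"] = "accepted"
    except ValueError as exc:
        out["validated"] = str(exc)
    # A benign reference still goes through the hardened path.
    out["argv"] = safe_tag_argv("myimage:1.0", full)
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Run the module directly to see that the vulnerable string contains `; id #` as live shell syntax, the quoted variant wraps the whole value in single quotes, and the validating path refuses the input outright. When reviewing a fix for this class of bug, check both halves: that the shell is gone (`subprocess.run` with a list and no `shell=True`) and that the input is still validated, since an argv-based call protects against command injection but not against a caller-chosen image being pushed or pulled.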
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.2%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2025-14287
- cpe:2.3:a:lfprojects:mlflow:2.0.0
- cpe:2.3:a:lfprojects:mlflow:2.15.0
- cpe:2.3:a:lfprojects:mlflow:2.17.0
- cpe:2.3:a:lfprojects:mlflow:2.18.0
- cpe:2.3:a:lfprojects:mlflow:2.19.0
- cpe:2.3:a:lfprojects:mlflow:2.20.0
- cpe:2.3:a:lfprojects:mlflow:2.21.0
- cpe:2.3:a:lfprojects:mlflow:2.22.0
- cpe:2.3:a:lfprojects:mlflow:3.0.0
- cpe:2.3:a:lfprojects:mlflow:3.1.0
- cpe:2.3:a:lfprojects:mlflow:3.2.0
- cpe:2.3:a:lfprojects:mlflow:3.3.0
- cpe:2.3:a:lfprojects:mlflow:3.4.0
- cpe:2.3:a:lfprojects:mlflow:3.5.0