CVE-2025-14287

Summary

A command injection vulnerability exists in mlflow/mlflow versions before v3.7.0, specifically in the mlflow/sagemaker/__init__.py file at lines 161-167. The vulnerability arises from the direct interpolation of user-supplied container image names into shell commands without proper sanitization, which are then executed using os.system(). This allows attackers to execute arbitrary commands by supplying malicious input through the --container parameter of the CLI. The issue affects environments where MLflow is used, including development setups, CI/CD pipelines, and cloud deployments.

Affected Software

VendorProductVersion RangeStatus
mlflowmlflow/mlflowunspecified <= latestaffected

Weaknesses

  • CWE-94: CWE-94 Improper Control of Generation of Code

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

mlflow: MLflow: Arbitrary command execution via unsanitized container image names

Additional References

References