MEDIUM 6.3

GHSA-q92x-2x5g-h365

ZenML is vulnerable to Path Traversal through its `PathMaterializer` class

Details

ZenML version 0.83.1 is affected by a path traversal vulnerability in the `PathMaterializer` class. The `load` function uses `is_path_within_directory` to validate files during `data.tar.gz` extraction, which fails to effectively detect symbolic and hard links. This vulnerability can lead to arbitrary file writes, potentially resulting in arbitrary command execution if critical files are overwritten.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / zenml

Introduced in: 0.81.0 Fixed in: 0.84.2

Fix pip install --upgrade 'zenml>=0.84.2'

References

https://nvd.nist.gov/vuln/detail/CVE-2025-8406 [ADVISORY]
https://github.com/zenml-io/zenml/commit/5d22a48d7bf6c7f10b748577c2be79cc7969d398 [WEB]
https://github.com/zenml-io/zenml [PACKAGE]
https://huntr.com/bounties/a0880d64-9928-45bf-9663-2cd81582d9e7 [WEB]