David Fadida

Researcher from JFrog Security Research Team
Rank #22334 of 53,632 · Total CVSS: 10 · Vulnerabilities: 1
PT-2023-31972 · CVSS 10 · 2023-09-16 · Unknown · Tensorflow · CVE-2023-5245
**Name of the Vulnerable Software and Affected Versions**

MLeap versions prior to 0.17.0

**Description**

The issue is a path traversal flaw, also known as Zip Slip, which allows arbitrary file creation and can lead to code execution. It occurs because `FileUtil.extract()` enumerates all zip file entries and extracts each file without validating whether the file paths in the archive resolve outside the intended directory. When creating an instance of `TensorflowModel` using the saved model format and an exported TensorFlow model, the `apply()` function invokes the vulnerable implementation of `FileUtil.extract()`. This can result in arbitrary file overwrites, risking denial of service (DoS) or remote code execution (RCE).

**Recommendations**

For MLeap versions prior to 0.17.0, update to version 0.17.0 to resolve the issue. As a temporary workaround, consider restricting the use of the `FileUtil.extract()` function until a patch is available. Avoid using the vulnerable implementation of `FileUtil.extract()` when creating instances of `TensorflowModel` using the saved model format and an exported TensorFlow model.
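The containment check that the description says `FileUtil.extract()` lacks, shown as an added Python example (not MLeap's Scala code): every entry name is resolved against the destination before anything is written, and an archive is rejected if any entry would land outside it. Function names and the two in-memory archives are constructed for this demonstration.

```python
import io
import tempfile
import zipfile
from pathlib import Path


def resolve_entry(dest: Path, name: str) -> Path:
    """Map archive entry `name` to a path under `dest`, or raise ValueError if it escapes."""
    dest = dest.resolve()
    # Names are untrusted ('..', leading '/', backslashes), so decide on the
    # resolved path: dest must be the target itself or one of its ancestors.
    target = (dest / name.replace("\\", "/")).resolve()
    if target != dest and dest not in target.parents:
        raise ValueError(f"zip entry {name!r} resolves to {target}, outside {dest}")
    return target


def safe_extract(zip_bytes: bytes, dest: Path) -> list:
    """Extract every entry under `dest`; all paths are validated before any is written."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        plan = [(info, resolve_entry(dest, info.filename)) for info in zf.infolist()]
        for info, target in plan:
            (target if info.is_dir() else target.parent).mkdir(parents=True, exist_ok=True)
            if not info.is_dir():
                target.write_bytes(zf.read(info))
    return [target for info, target in plan if not info.is_dir()]


def build_zip(entries: dict) -> bytes:
    """Constructed archive for the demo; zipfile stores entry names verbatim."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


def demo() -> tuple:
    """(files written from a benign archive, traversal rejected, nothing escaped)."""
    with tempfile.TemporaryDirectory() as tmp:
        dest = Path(tmp) / "model"
        count = len(safe_extract(build_zip({"saved_model.pb": b"pb", "variables/x": b"v"}), dest))
        try:
            safe_extract(build_zip({"../escaped.txt": b"marker"}), dest)
            rejected = False
        except ValueError:
            rejected = True
        return count, rejected, not (Path(tmp) / "escaped.txt").exists()
```

Validating the whole entry list before the first write is what keeps a rejected archive from leaving a partially extracted model behind.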