PT-2026-25547 · Databricks · Mlflow

Published 2025-12-08 · Updated 2026-04-19 · CVE-2025-14287

CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: mlflow versions prior to 3.7.0
Description: A command injection issue exists due to the direct interpolation of user-supplied container image names into shell commands without proper sanitization. These commands are then executed using the os.system() function. This allows attackers to execute arbitrary commands by providing malicious input through the --container parameter of the CLI. The issue impacts environments where MLflow is used, including development setups, CI/CD pipelines, and cloud deployments. The vulnerable code is located in the mlflow/sagemaker/__init__.py file at lines 161-167.
Recommendations: Versions prior to 3.7.0 should be updated to version 3.7.0 or later.
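The bug class described above, as an added illustration that is not MLflow's code: a constructed "docker push <image>" command shape stands in for the real one, and the hardened variant shows the two standard mitigations (allow-list validation of the image reference and an argument list passed to subprocess without a shell, or shlex.quote where a shell string is unavoidable).

```python
import re
import shlex
import subprocess

# Constructed illustration of the vulnerable pattern (hypothetical command shape,
# not the MLflow source): the user-controlled image name is interpolated into a
# shell string, so any shell metacharacters it contains become extra commands
# once the string reaches os.system().
def vulnerable_build_command(image_name: str) -> str:
    return f"docker push {image_name}"

# Conservative allow-list for an image reference: [registry/]repo[:tag][@sha256:digest].
# It deliberately does not cover the full OCI grammar (e.g. registry host:port);
# loosen it only with characters that can never be shell-significant.
_IMAGE_REF = re.compile(
    r"^[a-z0-9][a-z0-9._/-]*(:[A-Za-z0-9_.-]+)?(@sha256:[a-f0-9]{64})?$"
)


def is_safe_image_name(image_name: str) -> bool:
    """True only for names that match the allow-list; rejects ';', '$(', '|', spaces, etc."""
    return _IMAGE_REF.fullmatch(image_name) is not None


def hardened_build_argv(image_name: str) -> list[str]:
    """Validate, then build an argv list: no shell is involved, so the name is one literal argument."""
    if not is_safe_image_name(image_name):
        raise ValueError(f"rejected image name: {image_name!r}")
    return ["docker", "push", image_name]


def quote_for_shell(image_name: str) -> str:
    """Fallback when a shell string cannot be avoided: quote the untrusted part."""
    if not is_safe_image_name(image_name):
        raise ValueError(f"rejected image name: {image_name!r}")
    return f"docker push {shlex.quote(image_name)}"


def run_hardened(image_name: str) -> subprocess.CompletedProcess:
    # shell=False is the default; stated explicitly to document the intent.
    return subprocess.run(hardened_build_argv(image_name), shell=False, check=True)
```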

Exploit · Fix

Weakness Enumeration: Code Injection

Related Identifiers

BDU:2026-06596
BIT-MLFLOW-2025-14287
CVE-2025-14287
GHSA-XCH3-2F9X-WH9F

Affected Products

Mlflow