CVE-2025-0851
Published: 29 January 2025
Description
A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations.
Security Summary
CVE-2025-0851 is a path traversal vulnerability in the ZipUtils.unzip and TarUtils.untar functions of the Deep Java Library (DJL), affecting all platforms. Published on 2025-01-29, the issue is classified as CWE-36 (Absolute Path Traversal) and CWE-73 (External Control of File Name or Path): archive entry names are joined to the extraction directory without being validated, so an entry whose name contains "../" sequences or an absolute path is written outside the intended directory. It carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), i.e. critical severity.
The vector reflects that the flaw is reachable remotely by an unauthenticated attacker, with low attack complexity and no user interaction. Any application or service that uses DJL's extraction utilities on archives it did not produce itself is exposed: an attacker who can supply the ZIP or TAR file controls where its contents are written. Arbitrary file writes of this kind can overwrite configuration files, scripts, or classpath resources, which in turn can lead to code execution or denial of service, hence the high confidentiality, integrity, and availability impacts.
The fix is described in the DJL GitHub security advisory (GHSA-jcrp-x7w3-ffmg) and shipped in release v0.31.1. AWS security bulletin AWS-2025-003 provides further details for affected environments. Practitioners should update to DJL v0.31.1 or later and audit any code path that passes untrusted archives to these utilities; until the update is deployed, archives from untrusted sources should not be extracted with the vulnerable versions.
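The extraction bug class described above, shown as an added example that is not DJL's code: a minimal ZIP extractor in the vulnerable style (entry name joined to the destination unchecked) next to a hardened one that normalizes the resolved path and rejects anything that leaves the destination. The class and method names (ZipSlipDemo, unzipUnsafe, unzipSafe, safeTarget) are hypothetical, and the malicious archive is constructed in memory so the program runs offline. The unsafe extractor is run against a destination two levels below a temporary directory, so its "../../" entry lands inside that temporary directory rather than anywhere sensitive.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardCopyOption;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import java.util.zip.ZipOutputStream;

/**
 * Added example for CVE-2025-0851's bug class (not DJL's ZipUtils/TarUtils).
 * All names here are hypothetical.
 */
public class ZipSlipDemo {

    /** Vulnerable pattern: the entry name is resolved against dest with no check. */
    static void unzipUnsafe(InputStream in, Path dest) throws IOException {
        try (ZipInputStream zis = new ZipInputStream(in)) {
            ZipEntry entry;
            while ((entry = zis.getNextEntry()) != null) {
                Path out = dest.resolve(entry.getName()); // "../../x" or "/etc/x" escapes dest
                if (entry.isDirectory()) {
                    Files.createDirectories(out);
                } else {
                    Files.createDirectories(out.getParent());
                    Files.copy(zis, out, StandardCopyOption.REPLACE_EXISTING);
                }
            }
        }
    }

    /**
     * Hardened check: normalize the resolved path and require that it still lies
     * under the normalized destination. Path.startsWith compares whole path
     * elements, so "/tmp/out2/x" does not pass for a base of "/tmp/out".
     * Absolute entry names (CWE-36) fail too, because resolve() returns them as-is.
     */
    static Path safeTarget(Path dest, String entryName) throws IOException {
        Path base = dest.toAbsolutePath().normalize();
        Path target = base.resolve(entryName).normalize();
        if (!target.startsWith(base)) {
            throw new IOException("Blocked path traversal entry: " + entryName);
        }
        return target;
    }

    /** Same loop as unzipUnsafe, but every entry goes through safeTarget first. */
    static void unzipSafe(InputStream in, Path dest) throws IOException {
        try (ZipInputStream zis = new ZipInputStream(in)) {
            ZipEntry entry;
            while ((entry = zis.getNextEntry()) != null) {
                Path out = safeTarget(dest, entry.getName());
                if (entry.isDirectory()) {
                    Files.createDirectories(out);
                } else {
                    Files.createDirectories(out.getParent());
                    Files.copy(zis, out, StandardCopyOption.REPLACE_EXISTING);
                }
            }
        }
    }

    /** Constructed sample input: a zip whose only entry tries to climb out of dest. */
    static byte[] maliciousZip() throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ZipOutputStream zos = new ZipOutputStream(bos)) {
            zos.putNextEntry(new ZipEntry("../../escaped.txt"));
            zos.write("owned".getBytes(StandardCharsets.UTF_8));
            zos.closeEntry();
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws IOException {
        Path sandbox = Files.createTempDirectory("djl-demo");
        Path dest = sandbox.resolve("a").resolve("b"); // two levels deep: "../../" stays in sandbox
        Files.createDirectories(dest);

        unzipUnsafe(new ByteArrayInputStream(maliciousZip()), dest);
        System.out.println("unsafe extractor wrote outside dest: "
                + Files.exists(sandbox.resolve("escaped.txt")));

        try {
            unzipSafe(new ByteArrayInputStream(maliciousZip()), dest);
            System.out.println("safe extractor did not reject the entry (unexpected)");
        } catch (IOException e) {
            System.out.println("safe extractor rejected it: " + e.getMessage());
        }
    }
}
```

Two caveats for anyone porting this check to a TAR extractor: the comparison uses normalize(), not toRealPath(), so it does not follow symlinks; if the archive format can carry symbolic or hard link entries (as TAR can), the extractor must also refuse link entries whose targets resolve outside the destination, or a first entry can plant a link that a later entry writes through. And the check belongs on every entry, including directory entries, since a directory named "../x" is equally out of bounds.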
DJL is an open-source Java framework for deep learning inference and training. The flaw matters for ML deployments because model artifacts and datasets are routinely distributed as ZIP or TAR archives and unpacked with these utilities, so a pipeline that downloads a model or accepts a user-supplied dataset hands control of the written paths to whoever produced the archive. No public exploitation had been reported as of publication.
Details
- CWE(s): CWE-36 (Absolute Path Traversal), CWE-73 (External Control of File Name or Path)