CVE-2025-52967: 
MLflow vulnerability analysis and mitigation

A security vulnerability (CVE-2025-52967) was identified in MLflow versions prior to 3.1.0, where the gatewayproxyhandler component lacked proper gateway_path validation. The vulnerability was discovered and disclosed in June 2025, affecting all versions of MLflow before 3.1.0 (NVD, MITRE).

The vulnerability stems from insufficient validation of the gatewaypath parameter in the gatewayproxy_handler component. It has been classified as CWE-918 (Server-Side Request Forgery). The CVSS v3.1 base score is 5.8 (Medium), with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N, indicating network accessibility with low attack complexity and no privileges required (NVD, Wiz).

The lack of gateway_path validation could potentially allow attackers to execute unauthorized commands or access unintended resources through the gateway proxy handler. The vulnerability primarily affects the integrity of the system with limited impact, as indicated by the CVSS scoring (Wiz).

The vulnerability has been patched in MLflow version 3.1.0. Users are advised to upgrade to this version or later to receive the security fix. The patch includes proper validation of the gatewaypath parameter in the gatewayproxy_handler (GitHub Release).