CVE-2025-0851: CWE-36: Absolute Path Traversal in AWS DeepJavaLibrary
A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations.
AI Analysis
Technical Summary
CVE-2025-0851 is an absolute path traversal vulnerability categorized under CWE-36 and CWE-73, found in the AWS Deep Java Library (DJL) version 0.1.0. The vulnerability resides in the ZipUtils.unzip and TarUtils.untar methods, which improperly handle archive extraction paths. This flaw enables an attacker to craft malicious ZIP or TAR archives containing file paths that traverse directories (e.g., using '../') and write files outside the intended extraction directory. Because the vulnerability requires no authentication or user interaction and is remotely exploitable over the network, it poses a severe risk. Successful exploitation can lead to arbitrary file writes, potentially overwriting critical system or application files, enabling remote code execution, privilege escalation, or persistent malware installation. The vulnerability affects all platforms where DJL 0.1.0 is deployed, impacting any environment using this library for AI or machine learning tasks. Despite no known exploits in the wild, the critical CVSS score (9.3) reflects the ease of exploitation and the high impact on confidentiality, integrity, and availability. AWS has not yet released a patch, so users must apply interim mitigations to reduce exposure.
Potential Impact
For European organizations, the impact of CVE-2025-0851 can be significant, especially those leveraging AWS Deep Java Library in AI, machine learning, or data processing pipelines. Arbitrary file writes can lead to system compromise, data breaches, or disruption of critical services. Confidentiality may be breached if sensitive files are overwritten or replaced with malicious payloads. Integrity is at high risk due to potential tampering with application binaries or configuration files. Availability could be affected if critical system files are corrupted or deleted. Organizations in sectors such as finance, healthcare, and critical infrastructure, which increasingly adopt AI technologies, could face operational disruptions and regulatory consequences under GDPR if personal data is exposed or systems are compromised. The lack of authentication and user interaction requirements makes this vulnerability particularly dangerous in automated or cloud environments common in Europe.
Mitigation Recommendations
Until an official patch is released by AWS, European organizations should implement the following mitigations:
1) Avoid using DJL version 0.1.0 for processing untrusted archives.
2) Implement strict input validation and sanitization to detect and block archive files containing path traversal sequences before extraction.
3) Run archive extraction processes with least privilege, restricting file system write permissions to dedicated sandbox directories.
4) Employ runtime monitoring and alerting for unexpected file writes outside designated extraction paths.
5) Use containerization or virtual machines to isolate the extraction process, limiting potential damage.
6) Keep AWS SDKs and related dependencies up to date and subscribe to AWS security advisories for patch announcements.
7) Conduct security audits of AI/ML pipelines to identify use of vulnerable DJL versions and replace or upgrade accordingly.
Affected Countries
Germany, United Kingdom, France, Netherlands, Sweden, Finland, Ireland, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: AMZN
- Date Reserved: 2025-01-29T17:39:51.866Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68ee9ba2d8f994a66eca6017
Added to database: 10/14/2025, 6:51:14 PM
Last enriched: 10/14/2025, 6:55:06 PM
Last updated: 10/16/2025, 3:27:41 AM