Improper Neutralization of Special Elements Used in a Template Engine Affecting mlflow package, versions [,2.9.2)


Severity

Recommended
0.0
critical
0
10

CVSS assessment made by Snyk's Security Team

    Threat Intelligence

    Exploit Maturity
    Proof of concept
    EPSS
    0.05% (21st percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-PYTHON-MLFLOW-6117546
  • published 12 Dec 2023
  • disclosed 12 Dec 2023
  • credit @kevin-mizu

How to fix?

Upgrade mlflow to version 2.9.2 or higher.

Overview

mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models.

Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine. An attacker can execute arbitrary code or commands by injecting malicious input into the template system.

Note:

In order for this vulnerability to be exploited, the user must load a recipe configuration that he found on the internet.

PoC

import os
from mlflow.recipes import Recipe

os.chdir("./recipes")
regression_recipe = Recipe(profile="local")

References

CVSS Scores

version 3.1
Expand this section

Snyk

Recommended
10 critical
  • Attack Vector (AV)
    Network
  • Attack Complexity (AC)
    Low
  • Privileges Required (PR)
    None
  • User Interaction (UI)
    None
  • Scope (S)
    Changed
  • Confidentiality (C)
    High
  • Integrity (I)
    High
  • Availability (A)
    High
Expand this section

NVD

8.8 high