GHSA-6749-m5cp-6cg7

Source

https://github.com/advisories/GHSA-6749-m5cp-6cg7

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-6749-m5cp-6cg7/GHSA-6749-m5cp-6cg7.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-6749-m5cp-6cg7

Aliases

Published

2024-02-24T00:30:20Z

Modified

2025-04-08T18:08:28.475585Z

Severity

9.6 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVSS Calculator

Summary

Cross-site Scripting in MLFlow

Details

Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe.

This issue leads to a client-side RCE when running an untrusted recipe in Jupyter Notebook.

The vulnerability stems from lack of sanitization over template variables.

Database specific

{
    "nvd_published_at": "2024-02-23T22:15:55Z",
    "cwe_ids": [
        "CWE-79"
    ],
    "severity": "CRITICAL",
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-26T20:07:33Z"
}

References

Affected packages

PyPI / mlflow

Package

Name: mlflow; View open source insights on deps.dev
Purl: pkg:pypi/mlflow

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.0

Affected versions

0.*

0.0.1

0.1.0

0.2.0

0.2.1

0.3.0

0.4.0

0.4.1

0.4.2

0.5.0

0.5.1

0.5.2

0.6.0

0.7.0

0.8.0

0.8.1

0.8.2

0.9.0

0.9.0.1

0.9.1

1.*

1.0.0

1.1.0

1.1.1.dev0

1.2.0

1.3.0

1.4.0

1.5.0

1.6.0

1.7.0

1.7.1

1.7.2

1.8.0

1.9.0

1.9.1

1.10.0

1.11.0

1.12.0

1.12.1

1.13

1.13.1

1.14.0

1.14.1

1.15.0

1.16.0

1.17.0

1.18.0

1.19.0

1.20.0

1.20.1

1.20.2

1.21.0

1.22.0

1.23.0

1.23.1

1.24.0

1.25.0

1.25.1

1.26.0

1.26.1

1.27.0

1.28.0

1.29.0

1.30.0

1.30.1

2.*

2.0.0rc0

2.0.0

2.0.1

2.1.0

2.1.1

2.2.0

2.2.1

2.2.2

2.3.0

2.3.1

2.3.2

2.4.0

2.4.1

2.4.2

2.5.0

2.6.0

2.7.0

2.7.1

2.8.0

2.8.1

2.9.0

2.9.1

2.9.2