BIT-mlflow-2024-0520
Information Exposure vulnerability in mlflow (PyPI)
What is BIT-mlflow-2024-0520 About?
This Information Exposure vulnerability in sanitize-html versions before 2.12.1 allows attackers to enumerate files and project dependencies on the server. When used on the backend with the style attribute allowed, it reveals sensitive system information. Exploitation is relatively easy, requiring only a crafted input.
Affected Software
- mlflow
- <400c226953b4568f4361bc0a0c223511652c2b9d
- <2.9.0
Technical Details
The vulnerability in sanitize-html versions prior to 2.12.1 occurs when the library is used on the backend with the style attribute explicitly allowed in its configuration. The sanitization process, intended to cleanse HTML input, does not adequately handle specific constructs within the style attribute. By crafting a particular input using CSS url() directives or similar mechanisms, an attacker can cause the backend server to resolve paths, thereby inadvertently revealing information about the file system structure, including project dependencies. This information disclosure happens because the sanitization logic does not prevent the server from attempting to parse or access local file paths referenced in the style attribute, even if the content itself is ultimately sanitized for output.
What is the Impact of BIT-mlflow-2024-0520?
Successful exploitation may allow attackers to gather sensitive information about the server's file system, including directory structures and installed dependencies, which can aid in further targeted attacks.
What is the Exploitability of BIT-mlflow-2024-0520?
Exploitation of this information exposure vulnerability is relatively straightforward, primarily requiring the ability to submit input to the sanitize-html function where the style attribute is permitted. This implies a low complexity level. There are no explicit authentication or privilege requirements to trigger the vulnerability, as it typically relies on user-supplied data being processed by the application. It can be exploited remotely by sending crafted input through a web interface or API. The most significant risk factor is the server-side use of vulnerable sanitize-html versions with a permissive configuration for the style attribute, especially if it exposes parsed HTML structures.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| chan-068 | Link | PoC for CVE-2024-0520 |
What are the Available Fixes for BIT-mlflow-2024-0520?
Available Upgrade Options
- mlflow
- <400c226953b4568f4361bc0a0c223511652c2b9d → Upgrade to 400c226953b4568f4361bc0a0c223511652c2b9d
- mlflow
- <2.9.0 → Upgrade to 2.9.0
Struggling with dependency upgrades?
See how Resolved Security's drop-in replacements make it simple.
Book a demoAdditional Resources
- https://github.com/mlflow/mlflow/commit/400c226953b4568f4361bc0a0c223511652c2b9d
- https://osv.dev/vulnerability/PYSEC-2024-239
- https://github.com/mlflow/mlflow/commit/400c226953b4568f4361bc0a0c223511652c2b9d
- https://huntr.com/bounties/93e470d7-b6f0-409b-af63-49d3e2a26dbc
- https://github.com/mlflow/mlflow
- https://nvd.nist.gov/vuln/detail/CVE-2024-0520
- https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2024-239.yaml
- https://huntr.com/bounties/93e470d7-b6f0-409b-af63-49d3e2a26dbc
- https://github.com/mlflow/mlflow/commit/400c226953b4568f4361bc0a0c223511652c2b9d
- https://osv.dev/vulnerability/GHSA-5q6c-ffvg-xcm9
What are Similar Vulnerabilities to BIT-mlflow-2024-0520?
Similar Vulnerabilities: CVE-2023-38545 , CVE-2023-38546 , CVE-2023-38547 , CVE-2023-38548 , CVE-2023-38549
