Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-sujn-61j7-mbdb

Summary

Remote file access vulnerability in `mlflow server` and `mlflow ui` CLIs
Users of the MLflow Open Source Project who are hosting the MLflow Model Registry using the `mlflow server` or `mlflow ui` commands using an MLflow version older than **MLflow 2.3.1** may be vulnerable to a remote file access exploit if they are not limiting who can query their server (for example, by using a cloud VPC, an IP allowlist for inbound requests, or authentication / authorization middleware).

This issue only affects users and integrations that run the `mlflow server` and `mlflow ui` commands. Integrations that do not make use of `mlflow server` or `mlflow ui` are unaffected; for example, the Databricks Managed MLflow product and MLflow on Azure Machine Learning do not make use of these commands and are not impacted by these vulnerabilities in any way.

The vulnerability is very similar to https://nvd.nist.gov/vuln/detail/CVE-2023-1177, and a separate CVE will be published and updated here shortly.

This vulnerability has been patched in MLflow 2.3.1, which was released to PyPI on April 27th, 2023. If you are using `mlflow server` or `mlflow ui` with the MLflow Model Registry, we recommend upgrading to MLflow 2.3.1 as soon as possible.

If you are using the MLflow open source `mlflow server` or `mlflow ui` commands, we strongly recommend limiting who can access your MLflow Model Registry and MLflow Tracking servers using a cloud VPC, an IP allowlist for inbound requests, authentication / authorization middleware, or another access restriction mechanism of your choosing.

If you are using the MLflow open source `mlflow server` or `mlflow ui` commands, we also strongly recommend limiting the remote files to which your MLflow Model Registry and MLflow Tracking servers have access. For example, if your MLflow Model Registry or MLflow Tracking server uses cloud-hosted blob storage for MLflow artifacts, make sure to restrict the scope of your server's cloud credentials such that it can only access files and directories related to MLflow.

Aliases

alias	GHSA-83fm-w79m-64r5

alias	GMS-2023-1305

Fixed_packages

url pkg:pypi/mlflow@2.3.1

purl pkg:pypi/mlflow@2.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7m3u-tyeh-rqgz

vulnerability	VCID-93v9-5y4m-t7dz

vulnerability	VCID-an1e-3jdw-7yaw

vulnerability	VCID-cu1t-7wnm-y7hk

vulnerability	VCID-deyg-v3z9-6fet

vulnerability	VCID-ep2z-9m6r-6ubu

vulnerability	VCID-g9p5-4cqv-qfew

vulnerability	VCID-hz26-bm34-gkfx

vulnerability	VCID-j3ax-7a88-f7ff

vulnerability	VCID-jbuf-3rr2-5kcv

vulnerability	VCID-ns8z-pwe6-vbby

vulnerability	VCID-p21k-ac5p-9kam

vulnerability	VCID-pzmb-xzk9-s7dy

vulnerability	VCID-rcqb-2498-77e2

vulnerability	VCID-s76e-s9ut-2bdq

vulnerability	VCID-saca-pg4n-xucu

vulnerability	VCID-syg7-c85s-4ufu

vulnerability	VCID-vd8p-48kf-yyg6

vulnerability	VCID-wwe2-hxs5-t7eq

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mlflow@2.3.1

Affected_packages

References

reference_url	https://github.com/advisories/GHSA-83fm-w79m-64r5
reference_id	GHSA-83fm-w79m-64r5
reference_type
scores
url	https://github.com/advisories/GHSA-83fm-w79m-64r5

reference_url	https://github.com/mlflow/mlflow/security/advisories/GHSA-83fm-w79m-64r5
reference_id	GHSA-83fm-w79m-64r5
reference_type
scores
url	https://github.com/mlflow/mlflow/security/advisories/GHSA-83fm-w79m-64r5

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sujn-61j7-mbdb

Vulnerability Instance