6.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-36551

GHSA ID

GHSA-pc6f-259w-w3j6

EPSS Score

0.83031%

CWE

CWE-918

Published

10/4/2022

Updated

9/27/2024

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2022-36551

CVE-2022-36551: Heartex - Label Studio Community Edition vulnerable to SSRF in the Data Import module

A Server Side Request Forgery (SSRF) in the Data Import module in Heartex - Label Studio Community Edition versions 1.5.0 and earlier allows an authenticated user to access arbitrary files on the system. Furthermore, self-registration is enabled by default in these versions of Label Studio enabling a remote attacker to create a new account and then exploit the SSRF. This issue is fixed in version 1.6.0.

(GitHub Advisory)

6.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-36551

GHSA ID

GHSA-pc6f-259w-w3j6

EPSS Score

0.83031%

CWE

CWE-918

Published

10/4/2022

Updated

9/27/2024

KEV Status

Technology

Python

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
label-studio	pip	< 1.6.0	1.6.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The GitHub patch shows the vulnerability was in the Data Import module's URL handling. The commit adds a critical check for 'file://' prefixes in load_tasks() - this directly corresponds to the CVE description about accessing local files via URL imports. The absence of this validation in versions <1.6.0 allowed attackers to read arbitrary files through crafted URLs, enabled by the function's failure to restrict file protocol access while processing import requests.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* S*rv*r Si** R*qu*st *or**ry (SSR*) in t** **t* Import mo*ul* in ***rt*x - L***l Stu*io *ommunity **ition v*rsions *.*.* *n* **rli*r *llows *n *ut**nti**t** us*r to ****ss *r*itr*ry *il*s on t** syst*m. *urt**rmor*, s*l*-r**istr*tion is *n**l** *y *

Reasoning

T** *it*u* p*t** s*ows t** vuln*r**ility w*s in t** **t* Import mo*ul*'s URL **n*lin*. T** *ommit ***s * *riti**l ****k *or '*il*://' pr**ix*s in `lo**_t*sks()` - t*is *ir**tly *orr*spon*s to t** *V* **s*ription **out ****ssin* lo**l *il*s vi* URL im

6.5

Basic Information

Concerned about an active attack path?

CVE-2022-36551: Heartex - Label Studio Community Edition vulnerable to SSRF in the Data Import module

6.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI