5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-10073

GHSA ID

GHSA-9rw2-jf8x-cgwm

EPSS Score

0.14258%

CWE

CWE-94

Published

10/17/2024

Updated

10/24/2024

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-10073

CVE-2024-10073: Flair allows arbitrary code execution

A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected is the function ClusteringModel of the file flair\models\clustering.py of the component Mode File Loader. The manipulation leads to code injection. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

(GitHub Advisory)

5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-10073

GHSA ID

GHSA-9rw2-jf8x-cgwm

EPSS Score

0.14258%

CWE

CWE-94

Published

10/17/2024

Updated

10/24/2024

KEV Status

Technology

Python

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
flair	pip	<= 0.14.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

Multiple sources (GitHub Advisory, NVD, VulDB) explicitly reference ClusteringModel in clustering.py as the vulnerable component.
The CWE-94 classification indicates code injection via improper input handling during deserialization.
Submission details and PoC references demonstrate exploitation through model loading.
The pattern matches common Python pickle-based exploits where untrusted serialized data leads to RCE.
High confidence comes from consistent technical details across advisories and explicit path/component references.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* vuln*r**ility, w*i** w*s *l*ssi*i** *s *riti**l, w*s *oun* in *l*irNLP *l*ir *.**.*. *****t** is t** *un*tion *lust*rin*Mo**l o* t** *il* *l*ir\mo**ls\*lust*rin*.py o* t** *ompon*nt Mo** *il* Lo***r. T** m*nipul*tion l***s to *o** inj**tion. It is

Reasoning

*. Multipl* sour**s (*it*u* **visory, NV*, Vul**) *xpli*itly r***r*n** *lust*rin*Mo**l in *lust*rin*.py *s t** vuln*r**l* *ompon*nt. *. T** *W*-** *l*ssi*i**tion in*i**t*s *o** inj**tion vi* improp*r input **n*lin* *urin* **s*ri*liz*tion. *. Su*missi

5

Basic Information

Concerned about an active attack path?

CVE-2024-10073: Flair allows arbitrary code execution

5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI