
CVE-2024-37056: MLFlow unsafe deserialization

CVSS Score: 8.8 (CVSS v3.1)

Basic Information

EPSS Score: 0.42294%
Published: 6/4/2024
Updated: 6/21/2024
KEV Status: No
Technology: Python

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Package Name: mlflow
Ecosystem: pip
Vulnerable Versions: >= 1.23.0, <= 2.14.1
First Patched Version: (none listed)

Vulnerability Intelligence
Root Cause Analysis

The vulnerability is unsafe deserialization in the loading of LightGBM scikit-learn models. The HiddenLayer advisory explicitly identifies the _load_model function in mlflow/lightgbm/__init__.py as the vulnerable component: it uses cloudpickle.load() to deserialize models without proper validation. This matches the CWE-502 pattern of deserializing untrusted data, and the code snippet provided in the advisory confirms the insecure loading mechanism for scikit-learn flavored LightGBM models.
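One way to inspect a pickled model before anything like cloudpickle.load() touches it, shown as an added example that is not MLflow's or HiddenLayer's code: it disassembles the stream with the standard library's pickletools and reports every import the stream would trigger that is not on an allowlist. The allowlist contents, the function names and the sample object are assumptions made for illustration.

```python
import datetime
import pickle
import pickletools
from collections import OrderedDict

# Assumption: top-level packages a reviewed LightGBM scikit-learn model may import.
ALLOWED_ROOTS = {"collections", "numpy", "scipy", "sklearn", "lightgbm"}
STRING_OPS = {"UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}
UNRESOLVED = ("<unresolved>", "<unresolved>")


def pickle_imports(data):
    """(module, name) pairs the stream would import; genops disassembles, never unpickles."""
    imports, recent, memo = [], [], {}
    for op, arg, _pos in pickletools.genops(data):
        if op.name in ("GLOBAL", "INST"):  # arg is "module name"
            imports.append(tuple(arg.split(" ", 1)))
            recent = []
        elif op.name == "STACK_GLOBAL":  # module and name are the top two stack items
            pair = recent[-2:]
            known = len(pair) == 2 and all(isinstance(s, str) for s in pair)
            imports.append(tuple(pair) if known else UNRESOLVED)  # fail closed
            recent = []
        elif op.name in STRING_OPS:
            recent.append(arg)
        elif op.name == "MEMOIZE":
            memo[len(memo)] = recent[-1] if recent else None
        elif op.name in ("PUT", "BINPUT", "LONG_BINPUT"):
            memo[arg] = recent[-1] if recent else None
        elif op.name in ("GET", "BINGET", "LONG_BINGET"):
            recent.append(memo.get(arg))
        else:  # any other opcode: the stack top is no longer a known string
            recent = []
    return imports


def disallowed_imports(data, allowed_roots=ALLOWED_ROOTS):
    """Imports whose top-level package is not allowlisted (unresolved ones included)."""
    return [(m, n) for m, n in pickle_imports(data) if m.split(".")[0] not in allowed_roots]


# Constructed, benign stand-in for a model file (not a real MLflow artifact).
SAMPLE = {"params": OrderedDict(learning_rate=0.1), "trained": datetime.date(2024, 6, 4)}
SAMPLE_P4 = pickle.dumps(SAMPLE, protocol=4)
SAMPLE_P2 = pickle.dumps(SAMPLE["params"], protocol=2, fix_imports=False)

if __name__ == "__main__":
    for module, name in disallowed_imports(SAMPLE_P4):
        print(f"refuse to load: model imports {module}.{name}")
```

A clean result narrows what needs manual review; it does not make a pickle from an untrusted source safe to load.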


WAF Protection Rules

WAF Rule

Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.23.0 or newer, enabling a maliciously uploaded LightGBM scikit-learn model to run arbitrary code on an end user’s system when interacted with.
