7.5

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-41950

CVE-2024-41950: Insecure Jinja2 templates rendered in Haystack Components can lead to RCE

Impact

Haystack clients that let their users create and run Pipelines from scratch are vulnerable to remote code executions.

Certain Components in Haystack use Jinja2 templates, if anyone can create and render that template on the client machine they run any code.

Patches

The problem has been fixed with PRs deepset-ai/haystack#8095 and deepset-ai/haystack#8096.

Both have been released with Haystack 2.3.1.

Workarounds

Prevent users from running the affected Components, or only let users use preselected templates.

References

The list of impacted Components can be found in the release notes for 2.3.1. https://github.com/deepset-ai/haystack/releases/tag/v2.3.1

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2024-41950

CVE-2024-41950:

7.5

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
haystack-ai	pip	< 2.3.1	2.3.1

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from using Jinja2's default Environment instead of SandboxedEnvironment across multiple components. The commit diffs show replacement of Template/NativeEnvironment with SandboxedEnvironment in all affected files. Release notes explicitly list PromptBuilder, ChatPromptBuilder, OutputAdapter, ConditionalRouter and PipelineTemplate as impacted. Each vulnerable function handled user-controllable templates without proper sandboxing, enabling arbitrary code execution through template injection.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

7.5

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2024-41950: Insecure Jinja2 templates rendered in Haystack Components can lead to RCE

Impact

Patches

Workarounds

References

CVE-2024-41950:

7.5

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

7.5

7.5

CVE-2024-41950: Insecure Jinja2 templates rendered in Haystack Components can lead to RCE

Impact

Patches

Workarounds

References

Basic Information

Basic Information

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Technical Details

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI