8.8

CVSS Score

Basic Information

CVE ID

CVE-2024-45858

GHSA ID

GHSA-w392-75q8-vr67

EPSS Score

CWE

CWE-95

Published

9/18/2024

Updated

9/18/2024

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-45858

CVE-2024-45858:
Guardrails has an arbitrary code execution vulnerability

An arbitrary code execution vulnerability exists in versions 0.2.9 up to 0.5.10 of the Guardrails AI Guardrails framework because of the way it validates XML files. If a victim user loads a maliciously crafted XML file containing Python code, the code will be passed to an eval function, causing it to execute on the user's machine.

(GitHub Advisory)

8.8

CVSS Score

Basic Information

CVE ID

CVE-2024-45858

GHSA ID

GHSA-w392-75q8-vr67

EPSS Score

CWE

CWE-95

Published

9/18/2024

Updated

9/18/2024

KEV Status

Technology

Python

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
guardrails-ai	pip	>= 0.2.9, < 0.5.10	0.5.10

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from unsafe use of eval() in XML validation logic. The GitHub patch shows eval(t) was replaced with literal_eval(t) in parse_rail_arguments, confirming this was the injection point. While HiddenLayer's report references parse_token in validatorsattr.py, the authoritative fix in the provided commit targets validator_utils.py, indicating code refactoring or consolidation. The test updates (replacing dynamic expressions like list(range(5)) with static values) further validate that eval() in this function was the root cause.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*n *r*itr*ry *o** *x**ution vuln*r**ility *xists in v*rsions *.*.* up to *.*.** o* t** *u*r*r*ils *I *u*r*r*ils *r*m*work ****us* o* t** w*y it v*li**t*s XML *il*s. I* * vi*tim us*r lo**s * m*li*iously *r**t** XML *il* *ont*inin* Pyt*on *o**, t** *o*

Reasoning

T** vuln*r**ility st*ms *rom uns*** us* o* `*v*l()` in XML v*li**tion lo*i*. T** *it*u* p*t** s*ows `*v*l(t)` w*s r*pl**** wit* `lit*r*l_*v*l(t)` in `p*rs*_r*il_*r*um*nts`, *on*irmin* t*is w*s t** inj**tion point. W*il* *i***nL*y*r's r*port r***r*n**

8.8

Basic Information

Concerned about an active attack path?

CVE-2024-45858: Guardrails has an arbitrary code execution vulnerability

8.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2024-45858:
Guardrails has an arbitrary code execution vulnerability

Vulnerability Intelligence
Miggo AI