9.8

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-56327

CVE-2024-56327: pyrage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution

pyrage uses the Rust age crate for its underlying operations, and age is vulnerable to GHSA-4fg7-vxc8-qx5w.

All details of GHSA-4fg7-vxc8-qx5w are relevant to pyrage for the versions specified in this advisory. See GHSA-4fg7-vxc8-qx5w for full details.

Versions of pyrage before 1.2.0 lack plugin support and are therefore not affected.

An equivalent issue was fixed in the reference Go implementation of age, see advisory GHSA-32gq-x56h-299c.

Thanks to ⬡-49016 for reporting this issue.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2024-56327

CVE-2024-56327:

9.8

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
pyrage	pip	>= 1.2.0, < 1.2.3	1.2.3

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from the Rust age crate's plugin handling functions that process untrusted plugin names. These functions (listed in GHSA-4fg7-vxc8-qx5w) don't properly sanitize path separators in plugin names, allowing attackers to specify malicious paths. Since pyrage is a direct binding to this vulnerable Rust crate, its exposed functionality inherits these flaws. The functions identified are the entry points for parsing/constructing plugin identities and recipients in the Rust layer, which pyrage depends on. The confidence is high because the advisory explicitly links pyrage's vulnerability to these specific Rust functions.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

9.8

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2024-56327: pyrage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution

CVE-2024-56327:

9.8

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Basic Information

Basic Information

CVE-2024-56327: pyrage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution

9.8

9.8

Technical Details

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI