CVE-2024-3924 (GCVE-0-2024-3924)
Vulnerability from cvelistv5 – Published: 2024-05-30 14:59 – Updated: 2024-08-01 20:26
VLAI?
Title
Code Injection in huggingface/text-generation-inference
Summary
A code injection vulnerability exists in the huggingface/text-generation-inference repository, specifically within the `autodocs.yml` workflow file. The vulnerability arises from the insecure handling of the `github.head_ref` user input, which is used to dynamically construct a command for installing a software package. An attacker can exploit this by forking the repository, creating a branch with a malicious payload as the name, and then opening a pull request to the base repository. Successful exploitation could lead to arbitrary code execution within the context of the GitHub Actions runner. This issue affects versions up to and including v2.0.0 and was fixed in version 2.0.0.
Severity ?
4.4 (Medium)
CWE
- CWE-94 - Improper Control of Generation of Code
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| huggingface | huggingface/text-generation-inference |
Affected:
unspecified , < 2.0.0
(custom)
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:huggingface:text_generation_inference:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "text_generation_inference",
"vendor": "huggingface",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3924",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-31T20:21:42.849506Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:31:18.866Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:26:57.025Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.com/bounties/8af92fc2-0103-4d29-bb28-c3893154c422"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/huggingface/text-generation-inference/commit/88702d876383f7200eccf67e28ba00500dc804bb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "huggingface/text-generation-inference",
"vendor": "huggingface",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A code injection vulnerability exists in the huggingface/text-generation-inference repository, specifically within the `autodocs.yml` workflow file. The vulnerability arises from the insecure handling of the `github.head_ref` user input, which is used to dynamically construct a command for installing a software package. An attacker can exploit this by forking the repository, creating a branch with a malicious payload as the name, and then opening a pull request to the base repository. Successful exploitation could lead to arbitrary code execution within the context of the GitHub Actions runner. This issue affects versions up to and including v2.0.0 and was fixed in version 2.0.0."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-30T14:59:43.416Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/8af92fc2-0103-4d29-bb28-c3893154c422"
},
{
"url": "https://github.com/huggingface/text-generation-inference/commit/88702d876383f7200eccf67e28ba00500dc804bb"
}
],
"source": {
"advisory": "8af92fc2-0103-4d29-bb28-c3893154c422",
"discovery": "EXTERNAL"
},
"title": "Code Injection in huggingface/text-generation-inference"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-3924",
"datePublished": "2024-05-30T14:59:43.416Z",
"dateReserved": "2024-04-17T16:09:05.359Z",
"dateUpdated": "2024-08-01T20:26:57.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"A code injection vulnerability exists in the huggingface/text-generation-inference repository, specifically within the `autodocs.yml` workflow file. The vulnerability arises from the insecure handling of the `github.head_ref` user input, which is used to dynamically construct a command for installing a software package. An attacker can exploit this by forking the repository, creating a branch with a malicious payload as the name, and then opening a pull request to the base repository. Successful exploitation could lead to arbitrary code execution within the context of the GitHub Actions runner. This issue affects versions up to and including v2.0.0 and was fixed in version 2.0.0.\"}, {\"lang\": \"es\", \"value\": \"Existe una vulnerabilidad de inyecci\\u00f3n de c\\u00f3digo en el repositorio huggingface/text-generation-inference, espec\\u00edficamente dentro del archivo de flujo de trabajo `autodocs.yml`. La vulnerabilidad surge del manejo inseguro de la entrada del usuario `github.head_ref`, que se utiliza para construir din\\u00e1micamente un comando para instalar un paquete de software. Un atacante puede aprovechar esto bifurcando el repositorio, creando una rama con una carga \\u00fatil maliciosa como nombre y luego abriendo una solicitud de extracci\\u00f3n al repositorio base. La explotaci\\u00f3n exitosa podr\\u00eda conducir a la ejecuci\\u00f3n de c\\u00f3digo arbitrario dentro del contexto del ejecutor de GitHub Actions. Este problema afecta a las versiones hasta la v2.0.0 incluida y se solucion\\u00f3 en la versi\\u00f3n 2.0.0.\"}]",
"id": "CVE-2024-3924",
"lastModified": "2024-11-21T09:30:42.713",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"security@huntr.dev\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 4.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.3, \"impactScore\": 2.7}]}",
"published": "2024-05-30T15:15:49.653",
"references": "[{\"url\": \"https://github.com/huggingface/text-generation-inference/commit/88702d876383f7200eccf67e28ba00500dc804bb\", \"source\": \"security@huntr.dev\"}, {\"url\": \"https://huntr.com/bounties/8af92fc2-0103-4d29-bb28-c3893154c422\", \"source\": \"security@huntr.dev\"}, {\"url\": \"https://github.com/huggingface/text-generation-inference/commit/88702d876383f7200eccf67e28ba00500dc804bb\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://huntr.com/bounties/8af92fc2-0103-4d29-bb28-c3893154c422\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "security@huntr.dev",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"security@huntr.dev\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-3924\",\"sourceIdentifier\":\"security@huntr.dev\",\"published\":\"2024-05-30T15:15:49.653\",\"lastModified\":\"2024-11-21T09:30:42.713\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A code injection vulnerability exists in the huggingface/text-generation-inference repository, specifically within the `autodocs.yml` workflow file. The vulnerability arises from the insecure handling of the `github.head_ref` user input, which is used to dynamically construct a command for installing a software package. An attacker can exploit this by forking the repository, creating a branch with a malicious payload as the name, and then opening a pull request to the base repository. Successful exploitation could lead to arbitrary code execution within the context of the GitHub Actions runner. This issue affects versions up to and including v2.0.0 and was fixed in version 2.0.0.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de inyecci\u00f3n de c\u00f3digo en el repositorio huggingface/text-generation-inference, espec\u00edficamente dentro del archivo de flujo de trabajo `autodocs.yml`. La vulnerabilidad surge del manejo inseguro de la entrada del usuario `github.head_ref`, que se utiliza para construir din\u00e1micamente un comando para instalar un paquete de software. Un atacante puede aprovechar esto bifurcando el repositorio, creando una rama con una carga \u00fatil maliciosa como nombre y luego abriendo una solicitud de extracci\u00f3n al repositorio base. La explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario dentro del contexto del ejecutor de GitHub Actions. Este problema afecta a las versiones hasta la v2.0.0 incluida y se solucion\u00f3 en la versi\u00f3n 2.0.0.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"security@huntr.dev\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":4.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.3,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security@huntr.dev\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"references\":[{\"url\":\"https://github.com/huggingface/text-generation-inference/commit/88702d876383f7200eccf67e28ba00500dc804bb\",\"source\":\"security@huntr.dev\"},{\"url\":\"https://huntr.com/bounties/8af92fc2-0103-4d29-bb28-c3893154c422\",\"source\":\"security@huntr.dev\"},{\"url\":\"https://github.com/huggingface/text-generation-inference/commit/88702d876383f7200eccf67e28ba00500dc804bb\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://huntr.com/bounties/8af92fc2-0103-4d29-bb28-c3893154c422\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://huntr.com/bounties/8af92fc2-0103-4d29-bb28-c3893154c422\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/huggingface/text-generation-inference/commit/88702d876383f7200eccf67e28ba00500dc804bb\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T20:26:57.025Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-3924\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-31T20:21:42.849506Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:huggingface:text_generation_inference:*:*:*:*:*:*:*:*\"], \"vendor\": \"huggingface\", \"product\": \"text_generation_inference\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.0.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-31T20:24:23.392Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"Code Injection in huggingface/text-generation-inference\", \"source\": {\"advisory\": \"8af92fc2-0103-4d29-bb28-c3893154c422\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"CHANGED\", \"version\": \"3.0\", \"baseScore\": 4.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"huggingface\", \"product\": \"huggingface/text-generation-inference\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"2.0.0\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://huntr.com/bounties/8af92fc2-0103-4d29-bb28-c3893154c422\"}, {\"url\": \"https://github.com/huggingface/text-generation-inference/commit/88702d876383f7200eccf67e28ba00500dc804bb\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A code injection vulnerability exists in the huggingface/text-generation-inference repository, specifically within the `autodocs.yml` workflow file. The vulnerability arises from the insecure handling of the `github.head_ref` user input, which is used to dynamically construct a command for installing a software package. An attacker can exploit this by forking the repository, creating a branch with a malicious payload as the name, and then opening a pull request to the base repository. Successful exploitation could lead to arbitrary code execution within the context of the GitHub Actions runner. This issue affects versions up to and including v2.0.0 and was fixed in version 2.0.0.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-94\", \"description\": \"CWE-94 Improper Control of Generation of Code\"}]}], \"providerMetadata\": {\"orgId\": \"c09c270a-b464-47c1-9133-acb35b22c19a\", \"shortName\": \"@huntr_ai\", \"dateUpdated\": \"2024-05-30T14:59:43.416Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-3924\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T20:26:57.025Z\", \"dateReserved\": \"2024-04-17T16:09:05.359Z\", \"assignerOrgId\": \"c09c270a-b464-47c1-9133-acb35b22c19a\", \"datePublished\": \"2024-05-30T14:59:43.416Z\", \"assignerShortName\": \"@huntr_ai\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…