Skip to content

Directory traversal in zenml

Critical severity GitHub Reviewed Published Apr 16, 2024 to the GitHub Advisory Database • Updated Apr 16, 2024

Package

pip zenml (pip)

Affected versions

< 0.55.5

Patched versions

0.55.5

Description

A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The vulnerability arises due to the lack of validation for directory traversal patterns, allowing attackers to access files outside of the restricted directory.

References

Published by the National Vulnerability Database Apr 16, 2024
Published to the GitHub Advisory Database Apr 16, 2024
Reviewed Apr 16, 2024
Last updated Apr 16, 2024

Severity

Critical
9.9
/ 10

CVSS base metrics

Attack vector
Network
Attack complexity
Low
Privileges required
Low
User interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Weaknesses

CVE ID

CVE-2024-2083

GHSA ID

GHSA-6h3f-43vq-53hj

Source code

Checking history
See something to contribute? Suggest improvements for this vulnerability.