{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-3924", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2024-04-17T16:09:05.359Z", "datePublished": "2024-05-30T14:59:43.416Z", "dateUpdated": "2024-08-01T20:26:57.025Z"}, "containers": {"cna": {"title": "Code Injection in huggingface/text-generation-inference", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-05-30T14:59:43.416Z"}, "descriptions": [{"lang": "en", "value": "A code injection vulnerability exists in the huggingface/text-generation-inference repository, specifically within the `autodocs.yml` workflow file. The vulnerability arises from the insecure handling of the `github.head_ref` user input, which is used to dynamically construct a command for installing a software package. An attacker can exploit this by forking the repository, creating a branch with a malicious payload as the name, and then opening a pull request to the base repository. Successful exploitation could lead to arbitrary code execution within the context of the GitHub Actions runner. This issue affects versions up to and including v2.0.0 and was fixed in version 2.0.0."}], "affected": [{"vendor": "huggingface", "product": "huggingface/text-generation-inference", "versions": [{"version": "unspecified", "lessThan": "2.0.0", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/8af92fc2-0103-4d29-bb28-c3893154c422"}, {"url": "https://github.com/huggingface/text-generation-inference/commit/88702d876383f7200eccf67e28ba00500dc804bb"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", "baseScore": 4.4, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-94 Improper Control of Generation of Code", "cweId": "CWE-94"}]}], "source": {"advisory": "8af92fc2-0103-4d29-bb28-c3893154c422", "discovery": "EXTERNAL"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-3924", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-31T20:21:42.849506Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:huggingface:text_generation_inference:*:*:*:*:*:*:*:*"], "vendor": "huggingface", "product": "text_generation_inference", "versions": [{"status": "affected", "version": "0", "lessThan": "2.0.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:31:18.866Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:26:57.025Z"}, "title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/8af92fc2-0103-4d29-bb28-c3893154c422", "tags": ["x_transferred"]}, {"url": "https://github.com/huggingface/text-generation-inference/commit/88702d876383f7200eccf67e28ba00500dc804bb", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/8af92fc2-0103-4d29-bb28-c3893154c422", "tags": ["x_transferred"]}, {"url": "https://github.com/huggingface/text-generation-inference/commit/88702d876383f7200eccf67e28ba00500dc804bb", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:26:57.025Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-3924", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-31T20:21:42.849506Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:huggingface:text_generation_inference:*:*:*:*:*:*:*:*"], "vendor": "huggingface", "product": "text_generation_inference", "versions": [{"status": "affected", "version": "0", "lessThan": "2.0.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-31T20:24:23.392Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "Code Injection in huggingface/text-generation-inference", "source": {"advisory": "8af92fc2-0103-4d29-bb28-c3893154c422", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "CHANGED", "version": "3.0", "baseScore": 4.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "huggingface", "product": "huggingface/text-generation-inference", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "2.0.0", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/8af92fc2-0103-4d29-bb28-c3893154c422"}, {"url": "https://github.com/huggingface/text-generation-inference/commit/88702d876383f7200eccf67e28ba00500dc804bb"}], "descriptions": [{"lang": "en", "value": "A code injection vulnerability exists in the huggingface/text-generation-inference repository, specifically within the `autodocs.yml` workflow file. The vulnerability arises from the insecure handling of the `github.head_ref` user input, which is used to dynamically construct a command for installing a software package. An attacker can exploit this by forking the repository, creating a branch with a malicious payload as the name, and then opening a pull request to the base repository. Successful exploitation could lead to arbitrary code execution within the context of the GitHub Actions runner. This issue affects versions up to and including v2.0.0 and was fixed in version 2.0.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-05-30T14:59:43.416Z"}}}, "cveMetadata": {"cveId": "CVE-2024-3924", "state": "PUBLISHED", "dateUpdated": "2024-08-01T20:26:57.025Z", "dateReserved": "2024-04-17T16:09:05.359Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2024-05-30T14:59:43.416Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A code injection vulnerability exists in the huggingface/text-generation-inference repository, specifically within the `autodocs.yml` workflow file. The vulnerability arises from the insecure handling of the `github.head_ref` user input, which is used to dynamically construct a command for installing a software package. An attacker can exploit this by forking the repository, creating a branch with a malicious payload as the name, and then opening a pull request to the base repository. Successful exploitation could lead to arbitrary code execution within the context of the GitHub Actions runner. This issue affects versions up to and including v2.0.0 and was fixed in version 2.0.0."}, {"lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de c\u00f3digo en el repositorio huggingface/text-generation-inference, espec\u00edficamente dentro del archivo de flujo de trabajo `autodocs.yml`. La vulnerabilidad surge del manejo inseguro de la entrada del usuario `github.head_ref`, que se utiliza para construir din\u00e1micamente un comando para instalar un paquete de software. Un atacante puede aprovechar esto bifurcando el repositorio, creando una rama con una carga \u00fatil maliciosa como nombre y luego abriendo una solicitud de extracci\u00f3n al repositorio base. La explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario dentro del contexto del ejecutor de GitHub Actions. Este problema afecta a las versiones hasta la v2.0.0 incluida y se solucion\u00f3 en la versi\u00f3n 2.0.0."}], "id": "CVE-2024-3924", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 1.3, "impactScore": 2.7, "source": "security@huntr.dev", "type": "Secondary"}]}, "published": "2024-05-30T15:15:49.653", "references": [{"source": "security@huntr.dev", "url": "https://github.com/huggingface/text-generation-inference/commit/88702d876383f7200eccf67e28ba00500dc804bb"}, {"source": "security@huntr.dev", "url": "https://huntr.com/bounties/8af92fc2-0103-4d29-bb28-c3893154c422"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/huggingface/text-generation-inference/commit/88702d876383f7200eccf67e28ba00500dc804bb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://huntr.com/bounties/8af92fc2-0103-4d29-bb28-c3893154c422"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "security@huntr.dev", "type": "Secondary"}]}

{}

{}