PT-2024-18131 · Mlflow · Mlflow

Published: 2024-04-15 · Updated: 2025-02-04 · CVE-2024-1560

CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions: mlflow versions prior to 2.9.3

Description: A path traversal issue exists in the artifact deletion functionality of the mlflow repository. It is caused by an extra unquote operation in the delete_artifacts function of local_artifact_repo.py, which fails to properly sanitize user-supplied paths. Because the path is URL-decoded twice, once in the _delete_artifact_mlflow_artifacts handler and again in the local_file_uri_to_path function, an attacker can submit a path that passes validation in its first-decoded form but resolves to ".." segments after the second decode, allowing the deletion of arbitrary directories on the server's filesystem.

Recommendations: For versions prior to 2.9.3, update to version 2.9.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the delete_artifacts function in local_artifact_repo.py to minimize the risk of exploitation. Additionally, avoid using the local_file_uri_to_path function with untrusted input until the issue is resolved.
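The following added illustration (not mlflow's code) models why validating a path before a second URL-decode is ineffective, and shows the hardened ordering: decode once, then validate the fully resolved target against the artifact root. The artifact root and sample paths are constructed values.

```python
"""Simplified model of the double-decoding flaw described above.

Added illustration, not mlflow's code: flawed_resolve validates the
artifact path after one URL-decode and then decodes again before joining
(the extra unquote the advisory describes); hardened_resolve decodes once
and validates the final resolved path. Both return the resolved path, or
None when the request is rejected.
"""
import os
from urllib.parse import unquote


def _is_within(root: str, candidate: str) -> bool:
    """True when the normalized candidate stays under the normalized root.
    normpath/abspath keep this deterministic without a real filesystem;
    production code should use os.path.realpath to resolve symlinks too."""
    root = os.path.abspath(os.path.normpath(root))
    candidate = os.path.abspath(os.path.normpath(candidate))
    return os.path.commonpath([root, candidate]) == root


def flawed_resolve(artifact_root: str, artifact_path: str):
    """Vulnerable ordering: reject '..' on the once-decoded path, then
    unquote a second time. The string that was validated is not the
    string that reaches the filesystem."""
    once = unquote(artifact_path)
    if os.path.isabs(once) or ".." in once.split("/"):
        return None
    twice = unquote(once)  # second decode happens after validation
    return os.path.normpath(os.path.join(artifact_root, twice))


def hardened_resolve(artifact_root: str, artifact_path: str):
    """Decode exactly once, validate the decoded segments, then confirm
    the fully resolved target is still inside the artifact root."""
    decoded = unquote(artifact_path)
    if os.path.isabs(decoded) or ".." in decoded.split("/"):
        return None
    target = os.path.normpath(os.path.join(artifact_root, decoded))
    if not _is_within(artifact_root, target):
        return None
    return target


ARTIFACT_ROOT = "/srv/mlruns/artifacts"  # constructed sample root

if __name__ == "__main__":
    for sample in ("model/weights.bin", "%2e%2e/secrets", "%252e%252e/secrets"):
        print(sample, flawed_resolve(ARTIFACT_ROOT, sample),
              hardened_resolve(ARTIFACT_ROOT, sample))
```

With a single decode, a literal "%2e%2e" directory name is harmless because the resolved path never leaves the root; the containment check is what makes the second ordering safe regardless of how the input was encoded.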

Exploit · Fix · Path traversal

Weakness Enumeration

Related Identifiers: BIT-MLFLOW-2024-1560, CVE-2024-1560, GHSA-5MVJ-WMGJ-7Q8C

Affected Products: Mlflow