Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS00MzY1LWZobTUtcWNyeM0WqQ
Maliciously Crafted Model Archive Can Lead To Arbitrary File Write
Impact
An Archive Extraction (Zip Slip) vulnerability in the functionality that allows a user to load a trained model archive in Rasa 2.8.9 and older allows an attacker arbitrary write capability within specific directories using a malicious crafted archive file.
Patches
The vulnerability is fixed in Rasa 2.8.10
Workarounds
Mitigating steps for vulnerable end users are to ensure that they do not upload untrusted model files, and restrict CLI or API endpoint access where a malicious actor could target a deployed Rasa instance.
For more information
If you have any questions or comments about this advisory:
- Email the Rasa Security Team
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS00MzY1LWZobTUtcWNyeM0WqQ
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: almost 3 years ago
Updated: 5 days ago
CVSS Score: 7.3
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
Identifiers: GHSA-4365-fhm5-qcrx, CVE-2021-41127
References:
- https://github.com/RasaHQ/rasa/security/advisories/GHSA-4365-fhm5-qcrx
- https://github.com/RasaHQ/rasa/commit/1b6b502f52d73b4f8cd1959ce724b8ad0eb33989
- https://github.com/pypa/advisory-database/tree/main/vulns/rasa/PYSEC-2021-381.yaml
- https://github.com/advisories/GHSA-4365-fhm5-qcrx
Blast Radius: 20.2
Affected Packages
pypi:rasa
Dependent packages: 7Dependent repositories: 584
Downloads: 175,734 last month
Affected Version Ranges: < 2.8.10
Fixed in: 2.8.10
All affected versions: 0.0.1, 0.0.2, 0.0.3, 0.0.4, 0.0.5, 0.1.0, 0.1.1, 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.8, 1.0.9, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.1.5, 1.1.6, 1.1.7, 1.1.8, 1.2.0, 1.2.1, 1.2.2, 1.2.3, 1.2.4, 1.2.5, 1.2.6, 1.2.7, 1.2.8, 1.2.9, 1.2.10, 1.2.11, 1.2.12, 1.3.0, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.6, 1.3.7, 1.3.8, 1.3.9, 1.3.10, 1.4.0, 1.4.1, 1.4.2, 1.4.3, 1.4.4, 1.4.5, 1.4.6, 1.5.0, 1.5.1, 1.5.2, 1.5.3, 1.6.0, 1.6.1, 1.6.2, 1.7.0, 1.7.1, 1.7.2, 1.7.3, 1.7.4, 1.8.0, 1.8.1, 1.8.2, 1.8.3, 1.9.0, 1.9.1, 1.9.2, 1.9.3, 1.9.4, 1.9.5, 1.9.6, 1.9.7, 1.10.0, 1.10.1, 1.10.2, 1.10.3, 1.10.4, 1.10.5, 1.10.6, 1.10.7, 1.10.8, 1.10.9, 1.10.10, 1.10.11, 1.10.12, 1.10.13, 1.10.14, 1.10.15, 1.10.16, 1.10.17, 1.10.18, 1.10.19, 1.10.20, 1.10.21, 1.10.22, 1.10.23, 1.10.24, 1.10.25, 1.10.26, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.7, 2.2.8, 2.2.9, 2.2.10, 2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.3.5, 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.7.0, 2.7.1, 2.7.2, 2.8.0, 2.8.1, 2.8.2, 2.8.3, 2.8.4, 2.8.5, 2.8.6, 2.8.7, 2.8.8, 2.8.9
All unaffected versions: 2.8.10, 2.8.11, 2.8.12, 2.8.13, 2.8.14, 2.8.15, 2.8.16, 2.8.17, 2.8.18, 2.8.19, 2.8.20, 2.8.21, 2.8.22, 2.8.23, 2.8.24, 2.8.25, 2.8.26, 2.8.27, 2.8.28, 2.8.29, 2.8.30, 2.8.31, 2.8.32, 2.8.33, 2.8.34, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.11, 3.0.12, 3.0.13, 3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.2.0, 3.2.1, 3.2.2, 3.2.4, 3.2.5, 3.2.6, 3.2.7, 3.2.8, 3.2.10, 3.2.11, 3.2.12, 3.2.13, 3.3.0, 3.3.1, 3.3.2, 3.3.3, 3.3.4, 3.3.5, 3.3.6, 3.3.7, 3.3.8, 3.3.9, 3.3.10, 3.3.11, 3.3.12, 3.4.0, 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.4.5, 3.4.6, 3.4.7, 3.4.8, 3.4.9, 3.4.10, 3.4.11, 3.4.12, 3.4.13, 3.4.14, 3.4.15, 3.4.16, 3.4.17, 3.4.18, 3.5.0, 3.5.1, 3.5.2, 3.5.3, 3.5.4, 3.5.5, 3.5.6, 3.5.7, 3.5.8, 3.5.9, 3.5.10, 3.5.11, 3.5.12, 3.5.13, 3.5.14, 3.5.15, 3.5.16, 3.5.17, 3.6.0, 3.6.1, 3.6.2, 3.6.3, 3.6.4, 3.6.5, 3.6.6, 3.6.7, 3.6.8, 3.6.9, 3.6.10, 3.6.11, 3.6.12, 3.6.13, 3.6.14, 3.6.15, 3.6.16, 3.6.17, 3.6.18, 3.6.19, 3.6.20