CVE-2024-41950
HIGHHaystack < 2.3.1 - Remote Code Execution via Jinja2 Template Injection
Title source: llmDescription
Haystack is an end-to-end LLM framework that allows you to build applications powered by LLMs, Transformer models, vector search and more. Haystack clients that let their users create and run Pipelines from scratch are vulnerable to remote code executions. Certain Components in Haystack use Jinja2 templates, if anyone can create and render that template on the client machine they run any code. The vulnerability has been fixed with Haystack `2.3.1`.
References (6)
Core 6
Core References
Vendor Advisory x_refsource_confirm
https://github.com/deepset-ai/haystack/security/advisories/GHSA-hx9v-6r9f-w677
Issue Tracking x_refsource_misc
https://github.com/deepset-ai/haystack/pull/8095
Issue Tracking x_refsource_misc
https://github.com/deepset-ai/haystack/pull/8096
Patch x_refsource_misc
https://github.com/deepset-ai/haystack/commit/3fed1366c448b02189851bf08166c1f6477a02b0
Patch x_refsource_misc
https://github.com/deepset-ai/haystack/commit/6c25a5c73e83aa32c3241ba84a5cbb3ac0e8a89e
Release Notes x_refsource_misc
https://github.com/deepset-ai/haystack/releases/tag/v2.3.1
Scores
CVSS v3
7.5
EPSS
0.0116
EPSS Percentile
62.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-1336
Status
published
Products (2)
deepset-ai/haystack
< 2.3.1
pypi/haystack-ai
0 - 2.3.1PyPI
Published
Jul 31, 2024
Tracked Since
Feb 18, 2026