CVE-2024-9701
Severity: CRITICAL
Kedro < 0.19.9 - Remote Code Execution via ShelveStore Deserialization
Title source: llmDescription
A Remote Code Execution (RCE) vulnerability has been identified in the Kedro ShelveStore class (version 0.19.8). This vulnerability allows an attacker to execute arbitrary Python code via deserialization of malicious payloads, potentially leading to a full system compromise. The ShelveStore class uses Python's shelve module to manage session data, which relies on pickle for serialization. Crafting a malicious payload and storing it in the shelve file can lead to RCE when the payload is deserialized.
References (2)
Core References
Exploit, Third Party Advisory: https://huntr.com/bounties/96c77fef-93b2-4d4d-8cbe-57a718d8eea5
Scores
CVSS v3: 9.8
EPSS: 0.0614
EPSS Percentile: 90.9%
Attack Vector: NETWORK
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: yes
Technical Impact: total
Details
CWE: CWE-502
Status: published
Products (2)
kedro-org/kedro-org/kedro: unspecified - 0.19.9
pypi/kedro: 0 - 0.19.9 (PyPI)
Published: Mar 20, 2025
Tracked Since: Feb 18, 2026