The capturedependencies function in sagemaker.serve.save_retrive.version_1_0_0.save.utils
module before version 2.214.3 allows for potentially unsafe Operating System (OS) Command Injection if inappropriate command is passed as the “requirementspath” parameter. This consequently may allow an unprivileged third party to cause remote code execution, denial of service, affecting both confidentiality and integrity.
Impacted versions: <2.214.3
We would like to thank HiddenLayer for collaborating on this issue through the coordinated vulnerability disclosure process.
Do not override the “requirementspath” parameter of capturedependencies function in sagemaker.serve.save_retrive.version_1_0_0.save.utils
, instead use the default value.
If you have any questions or comments about this advisory we ask that you contact AWS/Amazon Security via our vulnerability reporting page [1] or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue. [1] Vulnerability reporting page: https://aws.amazon.com/security/vulnerability-reporting
Fixed by: https://github.com/aws/sagemaker-python-sdk/pull/4556