CVE-2024-4181

{"id": "CVE-2024-4181", "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "security@huntr.dev", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-05-16T09:15:15.553", "references": [{"url": "https://github.com/run-llama/llama_index/commit/d73715eaf0642705583e7897c78b9c8dd2d3a7ba", "source": "security@huntr.dev"}, {"url": "https://huntr.com/bounties/1a204520-598a-434e-b13d-0d34f2a5ddc1", "source": "security@huntr.dev"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security@huntr.dev", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "A command injection vulnerability exists in the RunGptLLM class of the llama_index library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models (LLMs). The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised LLM hosting provider to execute arbitrary commands on the client's machine. This issue was fixed in version 0.10.13. The exploitation of this vulnerability could lead to a hosting provider gaining full control over client machines."}, {"lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en la clase RunGptLLM de la librer\u00eda llama_index, versi\u00f3n 0.9.47, utilizada por el marco RunGpt de JinaAI para conectarse a los modelos de aprendizaje de idiomas (LLM). La vulnerabilidad surge del uso inadecuado de la funci\u00f3n de evaluaci\u00f3n, lo que permite que un proveedor de alojamiento LLM malicioso o comprometido ejecute comandos arbitrarios en la m\u00e1quina del cliente. Este problema se solucion\u00f3 en la versi\u00f3n 0.10.13. La explotaci\u00f3n de esta vulnerabilidad podr\u00eda llevar a que un proveedor de alojamiento obtenga control total sobre las m\u00e1quinas cliente."}], "lastModified": "2024-05-16T13:03:05.353", "sourceIdentifier": "security@huntr.dev"}