Remote Code Execution through Jinja2 Chat Template Injection
CVE-2024-34359
Key Information:
- Vendor
- Abetlen
- Status
- Llama-cpp-python
- Vendor
- CVE Published:
- 14 May 2024
Badges
Summary
The llama-cpp-python library, which provides Python bindings for llama.cpp, contains a security flaw stemming from the jinja2 templating engine utilized within its configuration. Upon initializing the Llama class to load machine learning models, the library improperly handles chat templates sourced from metadata of .gguf files. The Jinja2ChatFormatter's employment of a sandbox-less jinja2.Environment permits malicious actors to inject crafted payloads, leading to server-side template injection. This vulnerability can be exploited to achieve remote code execution, posing significant risks to applications utilizing this library.
Affected Version(s)
llama-cpp-python >= 0.2.30, <= 0.2.71
Get notified when SecurityVulnerability.io launches alerting 🔔
Well keep you posted 📧
News Articles
The Hacker NewsResearchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox
Researchers uncover critical security flaws in two widely used software packages, llama_cpp_python for AI models and PDF.js used by the Firefox.
9 months ago
Critical Flaw in AI Python Package Can Lead to System and Data Compromise
A critical vulnerability tracked as CVE-2024-34359 and dubbed Llama Drama can allow hackers to target AI product developers.
9 months ago
SystemTekSystemTek - Technology news and information
Strategic Command facilitated a Five Eyes Combined Digital Leadership Forum in Portsmouth, bringing together Chief Information Officers, Chief Data Officers, Read More The American Radio Relay...
9 months ago
References
CVSS V3.1
Timeline
- 👾
Exploit known to exist
- 📰
First article discovered by SystemTek
Vulnerability published
Vulnerability Reserved