Python Command Injection in imartinez/privategpt Application
CVE-2024-4343
Currently unrated
Summary
A command injection vulnerability exists in the SagemakerLLM class's complete() method of the privategpt application. This security flaw arises from the unsafe use of the eval() function, which is used to parse responses from a remote AWS SageMaker LLM endpoint. By manipulating the endpoint response to include malicious Python code, an attacker can execute arbitrary commands on the hosting system. The vulnerability affects versions up to and including 0.3.0 and has been addressed in version 0.6.0.
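The difference between evaluating and parsing an endpoint response, as an added example that is not code from privategpt or from this advisory. The function names, the `[{"generated_text": ...}]` response shape and both sample bodies are assumptions constructed for illustration; the tampered body contains only harmless arithmetic.

```python
import json

# Constructed sample bodies; the [{"generated_text": ...}] shape is an assumption.
BENIGN_BODY = '[{"generated_text": "Hello from the model"}]'
# A body that is a Python expression rather than JSON data (harmless arithmetic).
TAMPERED_BODY = '[{"generated_text": "evaluated-" + str(6 * 7)}]'


class ResponseFormatError(ValueError):
    """Raised when the endpoint body is not the expected JSON structure."""


def parse_with_eval(body: str) -> str:
    """The unsafe pattern the advisory describes: the body is run as Python."""
    return eval(body)[0]["generated_text"]  # deliberately unsafe, for contrast only


def parse_with_json(body: str) -> str:
    """Hardened form: treat the body as data and validate its shape."""
    try:
        data = json.loads(body)
    except json.JSONDecodeError as exc:
        raise ResponseFormatError(f"body is not valid JSON: {exc}") from exc
    if not isinstance(data, list) or not data or not isinstance(data[0], dict):
        raise ResponseFormatError("expected a non-empty list of objects")
    text = data[0].get("generated_text")
    if not isinstance(text, str):
        raise ResponseFormatError("generated_text missing or not a string")
    return text


def is_rejected(body: str) -> bool:
    """True when the hardened parser refuses the body."""
    try:
        parse_with_json(body)
    except ResponseFormatError:
        return True
    return False


if __name__ == "__main__":
    print(parse_with_eval(TAMPERED_BODY))   # the expression was executed
    print(parse_with_json(BENIGN_BODY))     # plain data is accepted
    print(is_rejected(TAMPERED_BODY))       # the expression is refused
```

A quick audit for this class of bug is to search the code base for eval() or exec() calls whose argument originates from a network response.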
References
Timeline
Vulnerability published