llama-index-core Prompt Injection vulnerability leading to Arbitrary Code Execution

GHSA-wvpx-g427-q9wc · CVE-2024-3098

Published Apr 10, 2024 · Modified Apr 10, 2024

Description

A vulnerability was identified in the exec_utils class of the llama_index package, specifically within the safe_eval function, allowing for prompt injection leading to arbitrary code execution. This issue arises due to insufficient validation of input, which can be exploited to bypass method restrictions and execute unauthorized code. The vulnerability is a bypass of the previously addressed CVE-2023-39662, demonstrated through a proof of concept that creates a file on the system by exploiting the flaw.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-3098
WEB https://github.com/run-llama/llama_index/commit/2c92e88838a5f481d50840240b1dd3180066c6f5
WEB https://github.com/run-llama/llama_index/commit/5fbcb5a8b9f20f81b791c7fc8849e352613ab475
PACKAGE https://github.com/run-llama/llama_index
WEB https://huntr.com/bounties/1bce0d61-ad03-4b22-bc32-8f99f92974e7

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes