CVE-2024-34359

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-34359

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-34359.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-34359

Aliases

GHSA-56xg-wfcc-g829

Published

2024-05-14T15:38:45Z

Modified

2024-05-19T02:24:46.406392Z

Summary

[none]

Details

llama-cpp-python is the Python bindings for llama.cpp. llama-cpp-python depends on class Llama in llama.py to load .gguf llama.cpp or Latency Machine Learning Models. The __init__ constructor built in the Llama takes several parameters to configure the loading and running of the model. Other than NUMA, LoRa settings, loading tokenizers, and hardware settings, __init__ also loads the chat template from targeted .gguf 's Metadata and furtherly parses it to llama_chat_format.Jinja2ChatFormatter.to_chat_handler() to construct the self.chat_handler for this model. Nevertheless, Jinja2ChatFormatter parse the chat template within the Metadate with sandbox-less jinja2.Environment, which is furthermore rendered in __call__ to construct the prompt of interaction. This allows jinja2 Server Side Template Injection which leads to remote code execution by a carefully constructed payload.

References

Affected packages

Git / github.com/abetlen/llama-cpp-python

Affected ranges

Type: GIT
Repo: https://github.com/abetlen/llama-cpp-python
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

b454f40a9a1787b2b5659cd2cb00819d983185df

Affected versions

v0.*

v0.1.29

v0.1.30

v0.1.31

v0.1.32

v0.1.33

v0.1.34

v0.1.35

v0.1.36

v0.1.37

v0.1.38

v0.1.39

v0.1.40

v0.1.41

v0.1.42

v0.1.43

v0.1.44

v0.1.45

v0.1.46

v0.1.47

v0.1.48

v0.1.49

v0.1.50

v0.1.51

v0.1.52

v0.1.53

v0.1.54

v0.1.55

v0.1.56

v0.1.57

v0.1.59

v0.1.60

v0.1.61

v0.1.62

v0.1.63

v0.1.64

v0.1.65

v0.1.66

v0.1.67

v0.1.68

v0.1.69

v0.1.70

v0.1.71

v0.1.72

v0.1.73

v0.1.74

v0.1.75

v0.1.76

v0.1.77

v0.1.78

v0.1.80

v0.1.81

v0.1.82

v0.1.83

v0.1.84

v0.1.85

v0.2.0

v0.2.1

v0.2.10

v0.2.11

v0.2.12

v0.2.13

v0.2.14

v0.2.15

v0.2.16

v0.2.17

v0.2.18

v0.2.19

v0.2.2

v0.2.20

v0.2.21

v0.2.22

v0.2.23

v0.2.24

v0.2.25

v0.2.26

v0.2.27

v0.2.28

v0.2.29

v0.2.3

v0.2.30

v0.2.31

v0.2.32

v0.2.33

v0.2.34

v0.2.35

v0.2.36

v0.2.37

v0.2.38

v0.2.39

v0.2.4

v0.2.40

v0.2.41

v0.2.42

v0.2.43

v0.2.44

v0.2.45

v0.2.46

v0.2.47

v0.2.48

v0.2.49

v0.2.5

v0.2.50

v0.2.51

v0.2.52

v0.2.53

v0.2.54

v0.2.55

v0.2.56

v0.2.57

v0.2.58

v0.2.59

v0.2.59-cu121

v0.2.59-cu122

v0.2.59-cu123

v0.2.59-metal

v0.2.6

v0.2.60

v0.2.60-cu121

v0.2.60-cu122

v0.2.60-cu123

v0.2.60-metal

v0.2.61

v0.2.61-cu121

v0.2.61-cu122

v0.2.61-cu123

v0.2.61-metal

v0.2.62

v0.2.62-cu121

v0.2.62-cu122

v0.2.62-cu123

v0.2.62-metal

v0.2.63

v0.2.63-cu121

v0.2.63-cu122

v0.2.63-cu123

v0.2.63-metal

v0.2.64

v0.2.64-cu121

v0.2.64-cu122

v0.2.64-cu123

v0.2.64-metal

v0.2.65

v0.2.65-cu121

v0.2.65-cu122

v0.2.65-cu123

v0.2.65-metal

v0.2.66

v0.2.66-cu121

v0.2.66-cu122

v0.2.66-cu123

v0.2.66-cu124

v0.2.66-metal

v0.2.67

v0.2.67-cu121

v0.2.67-cu122

v0.2.67-cu123

v0.2.67-cu124

v0.2.67-metal

v0.2.68

v0.2.68-cu121

v0.2.68-cu122

v0.2.68-cu123

v0.2.68-cu124

v0.2.68-metal

v0.2.69

v0.2.69-cu121

v0.2.69-cu122

v0.2.69-cu123

v0.2.69-cu124

v0.2.69-metal

v0.2.7

v0.2.70

v0.2.70-cu121

v0.2.70-cu122

v0.2.70-cu123

v0.2.70-cu124

v0.2.70-metal

v0.2.71

v0.2.71-cu121

v0.2.71-cu122

v0.2.71-cu123

v0.2.71-cu124

v0.2.71-metal

v0.2.8

v0.2.9