- Description
- llama-cpp-python provides the Python bindings for llama.cpp. `llama-cpp-python` relies on the class `Llama` in `llama.py` to load `.gguf` model files (the llama.cpp model format). The `__init__` constructor of `Llama` takes several parameters that configure loading and running the model. Besides NUMA and LoRA settings, tokenizer loading and hardware settings, `__init__` also reads the chat template from the targeted `.gguf` file's metadata and passes it to `llama_chat_format.Jinja2ChatFormatter.to_chat_handler()` to build the model's `self.chat_handler`. However, `Jinja2ChatFormatter` compiles the chat template taken from the metadata with a non-sandboxed `jinja2.Environment`, and the resulting template is rendered in `__call__` to construct the interaction prompt. Since the template text is controlled by whoever supplies the model file, this is a Jinja2 server-side template injection (SSTI) that leads to remote code execution through a carefully constructed payload.
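The mechanism described above, as an added example written for this page (it is not the advisory's PoC and not llama-cpp-python's own code): a chat template string is taken from a constructed GGUF-style metadata mapping, compiled with a plain `jinja2.Environment` the way the vulnerable pattern does, and then compared with rendering the same template under Jinja2's `ImmutableSandboxedEnvironment`. The metadata dict, both templates and the message list are constructed here; `tokenizer.chat_template` is the conventional GGUF metadata key, and the hostile template stops at a harmless class count rather than executing anything.

```python
"""Illustrative code added for this page (not llama-cpp-python's own source).

Shows why a chat template pulled from model metadata must never be compiled with a plain
jinja2.Environment: the template language itself reaches Python's object graph through dunder
attributes, while Jinja2's sandbox refuses those lookups with SecurityError.
"""
import jinja2
from jinja2.sandbox import ImmutableSandboxedEnvironment, SecurityError

# Constructed benign template of the kind a .gguf may ship in its metadata.
BENIGN_TEMPLATE = (
    "{% for m in messages %}<|{{ m['role'] }}|>{{ m['content'] }}{% endfor %}<|assistant|>"
)

# Constructed hostile template: walks from a string literal to `object` and enumerates its
# subclasses, the first hop of the classic Jinja2 SSTI chain. It is deliberately stopped at a
# harmless count so the example is safe to run; a real payload would keep walking to `os`.
HOSTILE_TEMPLATE = "{{ ''.__class__.__mro__[1].__subclasses__() | length }}"

# Constructed chat history used for every render below.
SAMPLE_MESSAGES = [{"role": "user", "content": "hi"}]


def chat_template_from_metadata(metadata):
    """Pull the chat template out of a (constructed) GGUF-style metadata mapping.

    Whatever this returns is attacker-controlled whenever the model file is.
    """
    return metadata.get("tokenizer.chat_template")


def render_unsandboxed(template_src, messages):
    """Vulnerable pattern: plain Environment, so the template has unrestricted attribute access."""
    env = jinja2.Environment()
    return env.from_string(template_src).render(messages=messages)


def render_sandboxed(template_src, messages):
    """Hardened pattern: the sandbox rejects underscore/internal attributes with SecurityError."""
    env = ImmutableSandboxedEnvironment()
    return env.from_string(template_src).render(messages=messages)


def sandbox_blocks(template_src, messages=None):
    """True if the sandbox refuses a template that the plain Environment would render."""
    if messages is None:
        messages = SAMPLE_MESSAGES
    try:
        render_sandboxed(template_src, messages)
    except SecurityError:
        return True
    return False


if __name__ == "__main__":
    # Constructed metadata, standing in for what would be read out of a .gguf file.
    metadata = {"tokenizer.chat_template": HOSTILE_TEMPLATE}
    tmpl = chat_template_from_metadata(metadata)
    print("unsandboxed render:", render_unsandboxed(tmpl, SAMPLE_MESSAGES))
    print("sandbox blocks it:", sandbox_blocks(tmpl))
    print("benign template still works sandboxed:",
          render_sandboxed(BENIGN_TEMPLATE, SAMPLE_MESSAGES))
```

The benign template renders identically in both environments, so the sandbox costs nothing for legitimate model files; the hostile one renders a class count unsandboxed and raises `SecurityError` sandboxed. Sandboxing the template engine is the minimum fix; a `.gguf` file should still be treated like code, since its metadata drives what the loader executes.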
- Source
- security-advisories@github.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.6
- Impact score
- 6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- Weakness (security-advisories@github.com)
- CWE-76: Improper Neutralization of Equivalent Special Elements
- Hype score
- Not currently trending
🚨 AI Vulnerability Alert 🚨 Critical security flaws in popular AI tools 1️⃣ Nvidia Container Toolkit Vulnerability (CVE-2024-0132): 2️⃣ Llama Drama Exploit (CVE-2024-34359) 💡 Takeaway: AI is revolutionizing industries but also increasing the attack surface. Regular updates,
@hkgsatish
13 Dec 2024
Glad that my research on GGUF CVE-2024-34359 got featured in @ProtectAICorp's latest Insight DB, in cooperation with @huggingface. Huggingface's Guardian successfully detected my PoC model as a threat! Glad to contribute to the AI/ML community! https://t.co/fyMlcp8uLW
@retr0reg
28 Oct 2024