Lucene search

CVE-2024-4897

🗓️ 02 Jul 2024 15:11:15Reported by [email protected]Type

parisneo/lollms-webui vulnerable to remote code execution via insecure dependency on llama-cpp-pytho

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 12
Cvelist	CVE-2024-4897 Remote Code Execution in parisneo/lollms-webui	2 Jul 202414:37	–	cvelist
Cvelist	CVE-2024-34359 llama-cpp-python vulnerable to Remote Code Execution by Server-Side Template Injection in Model Metadata	10 May 202417:07	–	cvelist
CVE	CVE-2024-4897	2 Jul 202415:15	–	cve
CVE	CVE-2024-34359	14 May 202415:38	–	cve
Vulnrichment	CVE-2024-4897 Remote Code Execution in parisneo/lollms-webui	2 Jul 202414:37	–	vulnrichment
Vulnrichment	CVE-2024-34359 llama-cpp-python vulnerable to Remote Code Execution by Server-Side Template Injection in Model Metadata	10 May 202417:07	–	vulnrichment
NVD	CVE-2024-34359	14 May 202415:38	–	nvd
Veracode	Server Side Request Forgery (SSRF)	14 May 202406:24	–	veracode
Github Security Blog	llama-cpp-python vulnerable to Remote Code Execution by Server-Side Template Injection in Model Metadata	13 May 202414:10	–	github
OSV	GHSA-56XG-WFCC-G829 llama-cpp-python vulnerable to Remote Code Execution by Server-Side Template Injection in Model Metadata	13 May 202414:10	–	osv

Source	Link
huntr	www.huntr.com/bounties/ecf386df-4b6a-40b2-9000-db0974355acc

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Jul 2024 15:15Current

CVSS38.4

EPSS0.02936

CWE-76

parisneo lollms-webui remote code execution insecure dependency llama-cpp-python vulnerability bindings_zoo model files cve-2024-4897 gguf-format