Lucene search
K

44 matches found

Cvelist
Cvelist
added 2024/11/21 4:53 p.m.66 views

CVE-2024-52803 LLama Factory Remote OS Command Injection Vulnerability

LLama Factory enables fine-tuning of large language models. A critical remote OS command injection vulnerability has been identified in the LLama Factory training process. This vulnerability arises from improper handling of user input, allowing malicious actors to execute arbitrary OS commands on...

7.5CVSS0.02273EPSS
Exploits1References3
OSV
OSV
added 2024/11/21 4:53 p.m.12 views

CVE-2024-52803 LLama Factory Remote OS Command Injection Vulnerability

LLama Factory enables fine-tuning of large language models. A critical remote OS command injection vulnerability has been identified in the LLama Factory training process. This vulnerability arises from improper handling of user input, allowing malicious actors to execute arbitrary OS commands on...

7.5CVSS8.1AI score0.02273EPSS
Exploits1References5
CVE
CVE
added 2024/11/21 4:53 p.m.71 views

CVE-2024-52803

CVE-2024-52803 affects LLama Factory, where the training process is vulnerable to a remote OS command injection due to insecure use of Popen with shell=True and unsanitized user input. The issue allows an attacker to execute arbitrary OS commands on the host, with impact described as high for con...

9.8CVSS7.9AI score0.02273EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2024/11/21 12:0 a.m.61 views

LLaMA-Factory 操作系统命令注入漏洞

LLaMA-Factory is a fine-tuned large-scale language model by a Chinese hoshi-hiyouga individual developer. A cross-site scripting vulnerability exists in LLaMA-Factory version 0.9.0 and earlier, which stems from improper handling of user input and allows malicious actors to execute arbitrary...

9.8CVSS7.1AI score0.02273EPSS
Exploits1References4
Rows per page
Query Builder