4 matches found
CVE-2024-6331
stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable to Local File Read LFI by Prompt Injection. The integration of Google Gimini 1.0 Pro with HarmBlockThreshold.BLOCKNONE for HarmCategory.HARMCATEGORYHATESPEECH and HarmCategory.HARMCATEGORYHARASSMENT i...
CVE-2024-6331 Injection by Prompt Injection in stitionai/devika
stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable to Local File Read LFI by Prompt Injection. The integration of Google Gimini 1.0 Pro with HarmBlockThreshold.BLOCKNONE for HarmCategory.HARMCATEGORYHATESPEECH and HarmCategory.HARMCATEGORYHARASSMENT i...
CVE-2024-6331 Injection by Prompt Injection in stitionai/devika
stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable to Local File Read LFI by Prompt Injection. The integration of Google Gimini 1.0 Pro with HarmBlockThreshold.BLOCKNONE for HarmCategory.HARMCATEGORYHATESPEECH and HarmCategory.HARMCATEGORYHARASSMENT i...
CVE-2024-6331
CVE-2024-6331 affects stitionai/devika: Local File Read via Prompt Injection on the main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f. The issue stems from prompt-injection allowing execution of commands that can read sensitive files (e.g., /etc/passwd) due to HarmBlockThreshold.B...