Lucene search

Veracode Vulnerability DatabaseVERACODE:46388

HistoryApr 12, 2024 - 12:31 p.m.

Command Injection

2024-04-1212:31:16

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

vulnerability

command injection

sanitization

ffmpeg

audiotowav

arbitrary commands

host system

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.3

Confidence

Low

EPSS

Percentile

9.6%

JSON

github.com/go-skynet/localai is vulnerable to command injection. The vulnerability is due to the lack of sanitization of user-supplied filenames before passing them to ffmpeg via a shell command in the audioToWav function, allowing attackers to execute arbitrary commands on the host system.

References

github.com/advisories/GHSA-wx43-g55g-2jf4

github.com/mudler/LocalAI/commit/31a4c9c9d3abc58de2bdc5305419181c8b33eb1c

huntr.com/bounties/e092528a-ce3b-4e66-9b98-3f56d6b276b0

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.3

Confidence

Low

EPSS

Percentile

9.6%

JSON

Related for VERACODE:46388