
CVE-2024-5753 – Local File Read (LFI) by Prompt Injection via Postgres SQL in vanna-ai/vanna
https://notcve.org/view.php?id=CVE-2024-5753
05 Jul 2024 — vanna-ai/vanna version v0.3.4 is vulnerable to SQL injection in some file-critical functions such as `pg_read_file()`. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, including sensitive files like `/etc/passwd`, by exploiting the exposed SQL queries via a Python Flask API. • https://huntr.com/bounties/a3f913d6-c717-4528-b974-26d8d9e839ca • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVE-2024-5827 – Arbitrary File Write by Prompt Injection via DuckDB SQL in vanna-ai/vanna
https://notcve.org/view.php?id=CVE-2024-5827
28 Jun 2024 — Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web APIs. Attackers can inject malicious SQL training data and generate corresponding queries to write arbitrary files on the victim's file system, such as backdoor.php with contents `<?php system($_GET[0]); ?>`. This can lead to command execution or the creation of backdoors. • https://huntr.com/bounties/e4e64a51-618b-41d0-8f56-1d2146d8825e • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2024-5826 – Remote Code Execution via Prompt Injection in vanna-ai/vanna
https://notcve.org/view.php?id=CVE-2024-5826
27 Jun 2024 — In the latest version of vanna-ai/vanna, the `vanna.ask` function is vulnerable to remote code execution due to prompt injection. The root cause is the lack of a sandbox when executing LLM-generated code, allowing an attacker to manipulate the code executed by the `exec` function in `src/vanna/base/base.py`. This vulnerability can be exploited by an attacker to achieve remote code execution on the app backend server, potentially gaining full control of the server. • https://huntr.com/bounties/90620087-44ac-4e43-b659-3c5d30889369 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVE-2024-5565 – Prompt Injection in "ask" API with visualization leads to RCE
https://notcve.org/view.php?id=CVE-2024-5565
31 May 2024 — The Vanna library uses a prompt function to present the user with visualized results; it is possible to alter the prompt using prompt injection and run arbitrary Python code instead of the intended visualization code. Specifically, allowing external input to the library's "ask" method with "visualize" set to True (default behavior) leads to remote code execution. • https://research.jfrog.com/vulnerabilities/vanna-prompt-injection-rce-jfsa-2024-001034449 • CWE-94: Improper Control of Generation of Code ('Code Injection') •