Multiple flaws found in AI systems, at least 16 critical
Take action: If you are using anything-llm, zenml, pytorch/serve, bentoml, llama_index, qdrant, lollms-webui, localai, mlflow or lunary, review the list and plan to patch or update. Also make sure your team reviews the full list of flaws and updates regularly.
Protect AI's huntr bug bounty program, with a community of over 15,000 members, reports multiple vulnerabilities across the AI/ML supply chain.
The vulnerabilities are significant because the OSS AI/ML tools are widely used in building enterprise AI systems and can contain weaknesses that might allow attackers to take over systems completely.
The reported vulnerabilities were disclosed to the maintainers at least 45 days before public reporting, and remediation efforts are ongoing.
The critical issues in the latest report include issues with anything-llm, zenml, pytorch/serve, bentoml, llama_index, qdrant, lollms-webui, localai, mlflow and lunary:
- Tool: anything-llm
  - CVE: CVE-2024-3025
  - CVSS Score: 9.9
  - Flaw: Arbitrary file deletion / reading via path traversal in logo photo upload and download feature
  - Action: Upgrade to version 1.0.0
- Tool: zenml
  - CVE: CVE-2024-2083
  - CVSS Score: 9.9
  - Flaw: Directory Traversal in /api/v1/steps
  - Action: Upgrade to version 0.55.5
- Tool: pytorch/serve
  - CVE: N/A per maintainer request
  - CVSS Score: 9.8
  - Flaw: Remote Code Execution due to Full Controlled File Write
  - Action: Read security documentation for secure deployment.
- Tool: bentoml
  - CVE: CVE-2024-2912
  - CVSS Score: 9.8
  - Flaw: RCE By Sending A Single POST Request Via Insecure Deserialization
  - Action: Upgrade to version 1.2.5
- Tool: llama_index
  - CVE: CVE-2024-3098
  - CVSS Score: 9.8
  - Flaw: Prompt Injection leading to Arbitrary Code Execution
  - Action: Upgrade to version 0.10.24
- Tool: qdrant
  - CVE: CVE-2024-2221
  - CVSS Score: 9.8
  - Flaw: Remote Code Execution via Arbitrary File Overwrite Using Path Traversal
  - Action: Upgrade to version 1.8.0
- Tool: lollms-webui
  - CVE: CVE-2024-1520
  - CVSS Score: 9.8
  - Flaw: OS Command Injection
  - Action: Upgrade to version 9.1
- Tool: localai
  - CVE: CVE-2024-2029
  - CVSS Score: 9.8
  - Flaw: Command injection in audioToWav in mudler/localai
  - Action: Upgrade to version 2.10.0
- Tool: llama_index
  - CVE: CVE-2024-3271
  - CVSS Score: 9.8
  - Flaw: safe_eval bypass leads to RCE (Command Injection)
  - Action: Upgrade to version 10.26
- Tool: lollms-webui
  - CVE: CVE-2024-1600
  - CVSS Score: 9.3
  - Flaw: Local File Inclusion
  - Action: Upgrade to version 9.5
- Tool: mlflow
  - CVE: CVE-2024-3573
  - CVSS Score: 9.3
  - Flaw: Local File Read (LFI) due to scheme confusion
  - Action: Upgrade to version 2.10.0
- Tool: lunary
  - CVE: CVE-2024-1643
  - CVSS Score: 9.1
  - Flaw: Join any organization and read/modify all data
  - Action: Upgrade to version 1.2.2
- Tool: lunary
  - CVE: CVE-2024-1740
  - CVSS Score: 9.1
  - Flaw: User removed from an org can read/create/modify/delete logs
  - Action: Upgrade to version 1.2.7
- Tool: lunary
  - CVE: CVE-2024-1626
  - CVSS Score: 9.1
  - Flaw: IDOR bug to change any org project
  - Action: Upgrade to version 1.0.0
- Tool: anything-llm
  - CVE: CVE-2024-0404
  - CVSS Score: 9.1
  - Flaw: Mass assignment in account creation from invitation
  - Action: Upgrade to version 1.0.0
- Tool: anything-llm
  - CVE: CVE-2024-3029
  - CVSS Score: 9.0
  - Flaw: Deactivate Multi-User Mode and Delete All Users
  - Action: Upgrade to version 1.0.0

Users are advised to review the full list, but prioritize actions on the critical vulnerabilities.