CVE-2024-4881Absolute Path Traversal in Lollms

CWE-36Absolute Path TraversalCWE-22Path TraversalCWE-457Use of Uninitialized Variable5 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.2%
top 56.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Parisneo LollmsLollms
Timeline
PublishedJun 6
Latest updateDec 27

Description

A path traversal vulnerability exists in the parisneo/lollms application, affecting version 9.4.0 and potentially earlier versions, but fixed in version 5.9.0. The vulnerability arises due to improper validation of file paths between Windows and Linux environments, allowing attackers to traverse beyond the intended directory and read any file on the Windows system. Specifically, the application fails to adequately sanitize file paths containing backslashes (`\`), which can be exploited to access

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

CVEListV5parisneo/parisneo_lollmsunspecified5.9.0
NVDlollms/lollms< 5.9.0
PyPIlollms/lollms< 9.5.0+2

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

3
GHSA
LoLLMS Path Traversal vulnerability2024-06-06
OSV
CVE-2024-4881: A path traversal vulnerability exists in the parisneo/lollms application, affecting version 92024-06-06
OSV
LoLLMS Path Traversal vulnerability2024-06-06

📋Vendor Advisories

1
Red Hat
kernel: bpf: Call free_htab_elem() after htab_unlock_bucket()2024-12-27