CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-34359

Medium Severity
SVRS
30/100
CVSSv3
NA/10
EPSS
0.03102/1

CVE-2024-34359 in llama-cpp-python exposes a critical vulnerability through the Jinja2ChatFormatter class. This Server Side Template Injection (SSTI) flaw allows for potential remote code execution due to unsanitized parsing of chat templates within .gguf files. Specifically, the __init__ constructor of the Llama class uses a sandbox-less jinja2.Environment to parse chat templates, which can then be exploited by malicious payloads embedded in the .gguf metadata. Despite a CVSS score of 0, the presence of the "In The Wild" tag highlights active exploitation, but the SOCRadar Vulnerability Risk Score (SVRS) of 30 indicates a lower immediate risk compared to critical vulnerabilities. However, organizations utilizing llama-cpp-python should carefully inspect .gguf files from untrusted sources to mitigate potential exploitation. The successful exploitation of this vulnerability allows attackers to execute arbitrary code on the affected system, posing a significant security risk. Given the potential for remote code execution, developers need to apply proper sanitization techniques to the chat templates to prevent this vulnerability.

TAGS
In The Wild
VECTOR STRING
PUBLICATION DATE2024-05-14
LAST MODIFIED2024-05-14

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

CVE-2024-34359 | abetlen llama-cpp-python up to 0.2.71 llama.py to_chat_handler equivalent special elements
vuldb.com2025-03-30
CVE-2024-34359 | abetlen llama-cpp-python up to 0.2.71 llama.py to_chat_handler equivalent special elements | A vulnerability was found in abetlen llama-cpp-python up to 0.2.71 and classified as critical. This issue affects the function to_chat_handler of the file llama.py. The manipulation leads to improper neutralization of equivalent special elements. The identification of this vulnerability is
vuldb.com
rss
forum
news
Tageszusammenfassung - 16.05.2024
CERT.at2024-05-17
Tageszusammenfassung - 16.05.2024 | End-of-Day report Timeframe: Mittwoch 15-05-2024 18:00 - Donnerstag 16-05-2024 18:00 Handler: Michael Schlagenhaufer Co-Handler: Thomas Pribitzer News To the Moon and back(doors): Lunar landing in diplomatic missions ESET researchers provide technical analysis of the Lunar toolset, likely used by the Turla APT group, that infiltrated a European ministry of foreign affairs. <p class="block
cve-2024-28757
cve-2024-34359
cve-2024-28863
cve-2024-3400
6K-plus AI models may be affected by critical RCE vulnerability - SC Media
2024-05-17
6K-plus AI models may be affected by critical RCE vulnerability - SC Media | News Content: A critical vulnerability in a popular Python package for large-language models (LLMs) may affect more than 6,000 models and could lead to supply chain attacks. The open-source llama-cpp-python package was found to be vulnerable to server-side template injection, which could lead to remote code execution (RCE). The flaw, tracked as CVE-2024-34359, was discovered by Patrick Peng, a security researcher and developer who goes by retro0reg online. The llama-cpp-python package provides Python bindings for the widely
google.com
rss
forum
news
TCE Cyberwatch: List of all the Major Data Breaches - The Cyber Express
2024-05-26
TCE Cyberwatch: List of all the Major Data Breaches - The Cyber Express | News Content: This week on TCE Cyberwatch, we bring you news of new vulnerabilities that have cropped up, along with threats of cyberattacks and new cybercrime forums that have opened up. With the U.S. elections around the corner, worries about cyberattacks have become more prevalent. There are also developments in the world of tech this week from other countries like Australia. TCE Cyberwatch hopes all readers feel informed reading this article and realize the impact of cybercrimes. This recap aims to educate readers on the importance of staying
cve-2024-34359
domains
google.com
rss
AI Python Package Flaw 'Llama Drama' Threatens Software Supply Chain - HackRead
2024-05-20
AI Python Package Flaw 'Llama Drama' Threatens Software Supply Chain - HackRead | News Content: Checkmarx threat research team in a report shared with Hackread.com revealed the dangers posed by seemingly trusted AI models harboring backdoors. Dubbed Llama drama; the vulnerability impacts the llama_cpp_python package potentially allowing attackers to execute arbitrary code and compromise data and operations. The vulnerability affects over 6,000 AI models on trusted platforms like Hugging Face, highlighting the need for AI platforms and developers to address supply chain security challenges. It is important to mention that the vulnerability was initially discovered by a cybersecurity researcher
google.com
rss
forum
news
Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox
Ajit Jasrotia2024-05-21
Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox | A critical security flaw has been disclosed in the llama_cpp_python Python package that could be exploited by threat actors to achieve arbitrary code execution. Tracked as CVE-2024-34359 (CVSS score: 9.7), the flaw has been codenamed Llama Drama by software supply chain security firm Checkmarx. &#8220;If exploited, it could allow attackers to execute arbitrary code on [&#8230;] The post Researchers Uncover Flaws in Python Package for
cve-2024-34359
cve-2024-4367
domains
urls
Vulnerability Recap 5/20/24 – Patch Tuesday, Chrome &amp; D-Link
Jenna Phipps2024-05-20
Vulnerability Recap 5/20/24 – Patch Tuesday, Chrome &amp; D-Link | Microsoft patched over 60 vulnerabilities in this month's Patch Tuesday, and Chrome, D-Link, and VMware saw vulnerabilities. The post Vulnerability Recap 5/20/24 – Patch Tuesday, Chrome &amp; D-Link appeared first on eSecurity Planet.Microsoft Patch Tuesday takes center stage in this week&#8217;s vulnerability news, with a notable SharePoint Server vulnerability that&#8217;s been seen
esecurityplanet.com
rss
forum
news

Social Media

@PR0GRAMMERHUM0R Context: Vibe coders allow code produced by Artificial "Intelligence" to be injected into their projects, increasing the potential security attack surface of their organization. Such attacks are already happening as in the remote code execution AI vulnerability in CVE-2024-34359.
0
0
2
Glad that my research on GGUF CVE-2024-34359 got featured in @ProtectAICorp latest Insight DB with the cooperation with @huggingface. Huggingface’s Guardian successfully detected my PoC model as a threat! Glad to contribute to the AI/ML Community! https://t.co/fyMlcp8uLW
0
0
0
The llama_cpp_python package has a critical security flaw, "Llama Drama" (CVE-2024-34359), jeopardizing AI integration with Python. https://t.co/MwDMbR4DT6
0
0
0
🚨#ThreatIntel: 6k+ #AI models on #HuggingFace using llama_cpp_python and Jinja2 are vulnerable! #CVE-2024-34359 was discovered by retr0reg in the “llama_cpp_python” and a fix has been issued in v0.2.72: https://t.co/2vionpZxTl
0
0
0
https://t.co/DScRU5gQFX - Critical security flaws in llama_cpp_python (CVE-2024-34359, Llama Drama) and Mozilla’s PDF.js library pose data and system risks. Mitigation recommendations emphasize vigilant security practices. Stay updated for exclusive content. #Xynik #CyberSecuri…
0
0
0
CVE-2024-34359 discovered in the popular llama_cpp_python package, used for integrating #AI models with #Python, has raised concerns about the security of AI platforms and the broader supply chain https://t.co/bkiFg4iqxy
0
0
0
🗣 CVE-2024-34359: Critical Vulnerability in AI Integration Package Threatens Data Security https://t.co/MJAh4AHdav #security #cybernews #cybersecurity #fridaysecurity #linkedin #twitter #telegram
0
0
0
『Over 6k AI models om HuggingFace using llama_cpp_python and Jinja2 are vulnerable.』 Llama Drama: Critical Vulnerability CVE-2024-34359 Threatening Your Software Supply Chain https://t.co/lESdJN6FBj
0
0
0
『Over 6k AI models om HuggingFace using llama_cpp_python and Jinja2 are vulnerable.』 Llama Drama: Critical Vulnerability CVE-2024-34359 Threatening Your Software Supply Chain https://t.co/lESdJN6FBj iocs: https://checkmarx.com/blog/llama-drama-critical-vulnerability-cve-2024-34359-threatening-your-software-supply-chain/
0
0
0
'CVE-2024-34359 is a critical vulnerability stemming from the misuse of the Jinja2 template engine within the "llama_cpp_python" package ... processing template data without proper security measures ... which Jinja2 supports but was not implemented ... https://t.co/wQYBtoIYCV
1
0
0

Affected Software

No affected software found for this CVE

References

ReferenceLink
[email protected]https://github.com/abetlen/llama-cpp-python/commit/b454f40a9a1787b2b5659cd2cb00819d983185df
[email protected]https://github.com/abetlen/llama-cpp-python/security/advisories/GHSA-56xg-wfcc-g829
GITHUBhttps://github.com/abetlen/llama-cpp-python/security/advisories/GHSA-56xg-wfcc-g829

CWE Details

CWE IDCWE NameDescription
CWE-76Improper Neutralization of Equivalent Special ElementsThe software properly neutralizes certain special elements, but it improperly neutralizes equivalent special elements.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence