{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T03:17:59.266","vulnerabilities":[{"cve":{"id":"CVE-2024-4343","sourceIdentifier":"security@huntr.dev","published":"2024-11-14T18:15:19.687","lastModified":"2025-07-17T01:33:59.290","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A Python command injection vulnerability exists in the `SagemakerLLM` class's `complete()` method within `./private_gpt/components/llm/custom/sagemaker.py` of the imartinez/privategpt application, versions up to and including 0.3.0. The vulnerability arises due to the use of the `eval()` function to parse a string received from a remote AWS SageMaker LLM endpoint into a dictionary. This method of parsing is unsafe as it can execute arbitrary Python code contained within the response. An attacker can exploit this vulnerability by manipulating the response from the AWS SageMaker LLM endpoint to include malicious Python code, leading to potential execution of arbitrary commands on the system hosting the application. The issue is fixed in version 0.6.0."},{"lang":"es","value":"Existe una vulnerabilidad de inyección de comandos de Python en el método `complete()` de la clase `SagemakerLLM` dentro de `./private_gpt/components/llm/custom/sagemaker.py` de la aplicación imartinez/privategpt, versiones hasta la 0.3.0 incluida. La vulnerabilidad surge debido al uso de la función `eval()` para analizar una cadena recibida desde un punto de conexión remoto de AWS SageMaker LLM en un diccionario. Este método de análisis no es seguro ya que puede ejecutar código Python arbitrario contenido en la respuesta. Un atacante puede explotar esta vulnerabilidad manipulando la respuesta del punto de conexión de AWS SageMaker LLM para incluir código Python malicioso, lo que lleva a la posible ejecución de comandos arbitrarios en el sistema que aloja la aplicación. El problema se solucionó en la versión 0.6.0."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV30":[{"source":"security@huntr.dev","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security@huntr.dev","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pribai:privategpt:*:*:*:*:*:*:*:*","versionEndExcluding":"0.6.0","matchCriteriaId":"5AAF6727-548E-43F2-BABA-BDB23B261130"}]}]}],"references":[{"url":"https://github.com/imartinez/privategpt/commit/86368c61760c9cee5d977131d23ad2a3e063cbe9","source":"security@huntr.dev","tags":["Patch"]},{"url":"https://huntr.com/bounties/1d1e8f06-ec45-4b17-ae24-b83a41304c15","source":"security@huntr.dev","tags":["Exploit","Third Party Advisory"]}]}}]}