{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-23T04:07:24.719","vulnerabilities":[{"cve":{"id":"CVE-2024-52803","sourceIdentifier":"security-advisories@github.com","published":"2024-11-21T17:15:24.470","lastModified":"2026-06-17T08:07:39.417","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"LLama Factory enables fine-tuning of large language models. A critical remote OS command injection vulnerability has been identified in the LLama Factory training process. This vulnerability arises from improper handling of user input, allowing malicious actors to execute arbitrary OS commands on the host system. The issue is caused by insecure usage of the `Popen` function with `shell=True`, coupled with unsanitized user input. Immediate remediation is required to mitigate the risk. This vulnerability is fixed in 0.9.1."},{"lang":"es","value":"LLama Factory permite el ajuste fino de modelos de lenguaje de gran tamaño. Se ha identificado una vulnerabilidad crítica de inyección remota de comandos del sistema operativo en el proceso de entrenamiento de LLama Factory. Esta vulnerabilidad surge del manejo inadecuado de la entrada del usuario, lo que permite que actores maliciosos ejecuten comandos arbitrarios del sistema operativo en el sistema host. El problema se debe al uso inseguro de la función `Popen` con `shell=True`, junto con una entrada del usuario no desinfectada. Se requiere una solución inmediata para mitigar el riesgo. Esta vulnerabilidad se solucionó en la versión 0.9.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"hiyouga","product":"LLaMA-Factory","versions":[{"version":"< 0.9.1","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"llama-factory","product":"llama-factory","defaultStatus":"unknown","cpes":["cpe:2.3:a:llama-factory:llama-factory:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"0.9.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-21T21:05:38.878255Z","id":"CVE-2024-52803","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hiyouga:llama-factory:*:*:*:*:*:*:*:*","versionEndExcluding":"0.9.1","matchCriteriaId":"AEB416D8-3547-46AC-AA15-1EB5A04AE49D"}]}]}],"references":[{"url":"https://gist.github.com/superboy-zjc/f2d2b93ae511c445ba97e144b70e534d","source":"security-advisories@github.com","tags":["Exploit"]},{"url":"https://github.com/hiyouga/LLaMA-Factory/commit/b3aa80d54a67da45e9e237e349486fb9c162b2ac","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/hiyouga/LLaMA-Factory/security/advisories/GHSA-hj3w-wrh4-44vp","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]}]}}]}