CVE-2024-6331— Devika 信息泄露漏洞

Injection by Prompt Injection in stitionai/devika

stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable to Local File Read (LFI) by Prompt Injection. The integration of Google Gimini 1.0 Pro with `HarmBlockThreshold.BLOCK_NONE` for `HarmCategory.HARM_CATEGORY_HATE_SPEECH` and `HarmCategory.HARM_CATEGORY_HARASSMENT` in `safety_settings` disables content protection. This allows malicious commands to be executed, such as reading sensitive file contents like `/etc/passwd`.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

输出中的特殊元素转义处理不恰当(注入)

Devika 信息泄露漏洞

Devika是stition开源的一个高级 AI 软件工程师。可以理解高级人类指令，将它们分解为步骤，研究相关信息，并编写代码以实现给定的目标。 Devika存在信息泄露漏洞，该漏洞源于容易受到提示注入的本地文件读取攻击，使得恶意命令可以执行，进而读取敏感文件内容。

N/A

N/A