CVE-2024-6139 – lollms

Package

Manager: pip
Name: lollms
Vulnerable Version: >=0 <=9.5.1

Severity

Level: High

CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

EPSS: 0.00089 pctl0.26343

Details

lollms vulnerable to dot-dot-slash path traversal in XTTS server A path traversal vulnerability exists in the XTTS server of the parisneo/lollms package version v9.6. This vulnerability allows an attacker to write audio files to arbitrary locations on the system and enumerate file paths. The issue arises from improper validation of user-provided file paths in the `tts_to_file` endpoint.

Metadata

Created: 2024-06-27T21:32:08Z
Modified: 2024-06-28T21:10:38Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-w9qf-83jg-2x6c/GHSA-w9qf-83jg-2x6c.json
CWE IDs: ["CWE-29"]
Alternative ID: GHSA-w9qf-83jg-2x6c
Finding: F184
Auto approve: 1