File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1+ # Mudler LocalAI RCE CVE-2024 -6983 Detector
2+
3+ Mudler LocalAI versions before 2.19.4 are vulnerable to remote code execution.
4+ The vulnerability arises because the localai backend receives inputs not only
5+ from the configuration file but also from other inputs, allowing an attacker to
6+ upload a binary file and execute malicious code. This can lead to the attacker
7+ gaining full control over the system.
8+
9+ - https://huntr.com/bounties/f91fb287-412e-4c89-87df-9e4b6e609647
10+ - https://sightline.protectai.com/vulnerabilities/b182990f-02ea-49d0-9fad-61030cbe6460/assess
11+
12+ ## Build jar file for this plugin
13+
14+ Using ` gradlew ` :
15+
16+ ``` shell
17+ ./gradlew jar
18+ ```
19+
20+ Tsunami identifiable jar file is located at ` build/libs ` directory.
Original file line number Diff line number Diff line change 1+ plugins {
2+ id ' java-library'
3+ }
4+
5+ description = ' Tsunami CVE-2024-6983 VulnDetector plugin.'
6+ group ' com.google.tsunami'
7+ version ' 0.0.1-SNAPSHOT'
8+
9+
10+ repositories {
11+ maven { // The google mirror is less flaky than mavenCentral()
12+ url ' https://maven-central.storage-download.googleapis.com/repos/central/data/'
13+ }
14+ mavenCentral()
15+ mavenLocal()
16+ }
17+
18+ def coreRepoBranch = System . getenv(" GITBRANCH_TSUNAMI_CORE" ) ?: " stable"
19+ def tcsRepoBranch = System . getenv(" GITBRANCH_TSUNAMI_TCS" ) ?: " stable"
20+
21+ dependencies {
22+ implementation(" com.google.tsunami:tsunami-common" ) {
23+ version { branch = " ${ coreRepoBranch} " }
24+ }
25+ implementation(" com.google.tsunami:tsunami-plugin" ) {
26+ version { branch = " ${ coreRepoBranch} " }
27+ }
28+ implementation(" com.google.tsunami:tsunami-proto" ) {
29+ version { branch = " ${ coreRepoBranch} " }
30+ }
31+
32+ testImplementation " junit:junit:4.13.2"
33+ testImplementation " org.mockito:mockito-core:5.18.0"
34+ testImplementation " com.google.truth:truth:1.4.4"
35+ testImplementation " com.squareup.okhttp3:mockwebserver:3.12.0"
36+ testImplementation " com.google.truth.extensions:truth-java8-extension:1.4.4"
37+ testImplementation " com.google.truth.extensions:truth-proto-extension:1.4.4"
38+ }
Original file line number Diff line number Diff line change 1+ rootProject. name = ' CVE-2024-6983'
2+
3+ def coreRepository = System . getenv(" GITREPO_TSUNAMI_CORE" ) ?: " https://github.com/google/tsunami-security-scanner.git"
4+ def tcsRepository = System . getenv(" GITREPO_TSUNAMI_TCS" ) ?: " https://github.com/google/tsunami-security-scanner-callback-server.git"
5+
6+ sourceControl {
7+ gitRepository(" ${ coreRepository} " ) {
8+ producesModule(" com.google.tsunami:tsunami-common" )
9+ producesModule(" com.google.tsunami:tsunami-plugin" )
10+ producesModule(" com.google.tsunami:tsunami-proto" )
11+ }
12+ }
Original file line number Diff line number Diff line change 1+ /*
2+ * Copyright 2024 Google LLC
3+ *
4+ * Licensed under the Apache License, Version 2.0 (the "License");
5+ * you may not use this file except in compliance with the License.
6+ * You may obtain a copy of the License at
7+ *
8+ * http://www.apache.org/licenses/LICENSE-2.0
9+ *
10+ * Unless required by applicable law or agreed to in writing, software
11+ * distributed under the License is distributed on an "AS IS" BASIS,
12+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+ * See the License for the specific language governing permissions and
14+ * limitations under the License.
15+ */
16+
17+ package com .google .tsunami .plugins .detectors .cves .cve20246983 ;
18+
19+ import com .google .tsunami .plugin .PluginBootstrapModule ;
20+
21+ /** An CVE-2024-6983 Guice module that bootstraps the {@link Cve20246983VulnDetector}. */
22+ public class Cve20246983DetectorBootstrapModule extends PluginBootstrapModule {
23+ @ Override
24+ protected void configurePlugin () {
25+ registerPlugin (Cve20246983VulnDetector .class );
26+ }
27+ }
You can’t perform that action at this time.
0 commit comments