CVE-2024-6331

Name of the Vulnerable Software and Affected Versions stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f stitionai/devika up to version 1.0

Description The issue concerns a Local File Read (LFI) vulnerability by Prompt Injection. It is caused by the integration of Google Gimini 1.0 Pro with specific settings in safety settings, particularly HarmBlockThreshold.BLOCK NONE for HarmCategory.HARM CATEGORY HATE SPEECH and HarmCategory.HARM CATEGORY HARASSMENT, which disables content protection. This allows malicious commands to be executed, enabling the reading of sensitive file contents, such as /etc/passwd.

Recommendations For stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f, update to a patched version immediately. For stitionai/devika up to version 1.0, update to a patched version immediately and monitor for exploit attempts. As a temporary workaround, consider disabling the integration of Google Gimini 1.0 Pro with HarmBlockThreshold.BLOCK NONE for HarmCategory.HARM CATEGORY HATE SPEECH and HarmCategory.HARM CATEGORY HARASSMENT in safety settings to re-enable content protection.