| タイトル | griptape v0.19.4 Absolute Path Traversal |
|---|
| 説明 | The ComputerTool in Griptape allows agents to execute Python code by first writing the code to a file in a local working directory, which is then mounted into a container for execution. However, the filename parameter, which determines where the code is stored locally, is generated by the LLM and is not properly validated or sanitized. This lack of validation allows for a path traversal vulnerability. An attacker can use prompt injection to coerce the LLM into specifying a filename containing directory traversal sequences (e.g., ../../malicious_file). Since the file content (the code) is also controllable via prompt injection, writing to sensitive files like __init__.py or ~/.bashrc may lead to Remote Code Execution (RCE) on the host system. |
|---|
| ソース | ⚠️ https://github.com/Ka7arotto/cve/blob/main/griptape/SaveCodeTool/computeTool.md |
|---|
| ユーザー | Goku (UID 80486) |
|---|
| 送信 | 2026年03月21日 03:05 (16 日 ago) |
|---|
| モデレーション | 2026年04月05日 07:17 (15 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 355391 [griptape-ai griptape 0.19.4 ComputerTool tool.py filename ディレクトリトラバーサル] |
|---|
| ポイント | 20 |
|---|