CVE-2024-4343 | imartinez privategpt up to 0.3.0 SageMaker LLM Endpoint sagemaker.py complete os command injection

CVE-2024-4343 | imartinez privategpt up to 0.3.0 SageMaker LLM Endpoint sagemaker.py complete os command injection

A vulnerability classified as very critical was found in imartinez privategpt up to 0.3.0. Affected by this vulnerability is the function complete of the file /private_gpt/components/llm/custom/sagemaker.py of the component SageMaker LLM Endpoint. The manipulation leads to os command injection. This vulnerability is known as CVE-2024-4343. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.