Plattform
python
Komponente
vanna-ai/vanna
A Server-Side Request Forgery (SSRF) vulnerability has been identified in vanna-ai/vanna, specifically when utilizing DuckDB as the database backend. This flaw allows attackers to craft malicious SQL queries that leverage DuckDB's functionalities, such as readcsv, readcsvauto, readtext, and read_blob, to initiate unauthorized requests to both internal and external resources. The vulnerability impacts all versions of vanna-ai/vanna up to the latest release, and a patch is expected to address this issue.
The SSRF vulnerability in vanna-ai/vanna poses a significant risk because it enables attackers to bypass security controls and access resources that should be protected. By crafting specific SQL queries, an attacker can manipulate DuckDB into making requests to internal services, external APIs, or even arbitrary URLs. This could lead to the exfiltration of sensitive data stored within the system, unauthorized access to internal network resources, and potentially, the launching of further attacks against other systems. The ability to read arbitrary files via read_csv and related functions expands the potential attack surface considerably, allowing attackers to potentially read configuration files or other sensitive data.
CVE-2024-8099 was publicly disclosed on 2025-03-20. The vulnerability's severity is rated HIGH (CVSS 8.3). Currently, there are no known public proof-of-concept exploits available. It is not listed on the CISA KEV catalog at the time of writing. The ease of exploitation depends on the configuration of the DuckDB instance and the network environment.
Organizations utilizing vanna-ai/vanna with DuckDB as the database backend are at risk. This includes those deploying vanna-ai/vanna in environments with sensitive data or internal systems that require protection. Shared hosting environments where multiple users share the same vanna-ai/vanna instance are particularly vulnerable.
• python / server:
import os
import subprocess
# Check for DuckDB version and potential SSRF vulnerabilities
result = subprocess.run(['duckdb', '--version'], capture_output=True, text=True)
if 'duckdb' in result.stdout.lower():
print("DuckDB is installed. Investigate potential SSRF vulnerabilities.")• generic web:
curl -I 'http://your-vanna-ai-instance/duckdb_ssrf_test' # Check for unexpected responses or redirectsdisclosure
Exploit-Status
EPSS
0.09% (26% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2024-8099 is to upgrade to a patched version of vanna-ai/vanna as soon as it becomes available. Until a patch is released, consider implementing temporary workarounds to limit the impact of the vulnerability. These workarounds may include restricting network access for the DuckDB instance, implementing strict input validation on SQL queries to prevent malicious commands, and utilizing a Web Application Firewall (WAF) to filter out suspicious requests. Monitor DuckDB logs for unusual activity, particularly requests to unexpected URLs. After upgrading, verify the fix by attempting to trigger the SSRF vulnerability with a known malicious query and confirming that the request is blocked or fails.
Aktualisieren Sie die Bibliothek vanna-ai/vanna auf die neueste verfügbare Version. Dies sollte die Korrektur für die SSRF-Schwachstelle enthalten. Überprüfen Sie die Versionshinweise, um zu bestätigen, dass die Schwachstelle behoben wurde.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2024-8099 is a Server-Side Request Forgery vulnerability in vanna-ai/vanna that allows attackers to make unauthorized requests through DuckDB's read_csv functions, potentially accessing sensitive data.
If you are using vanna-ai/vanna with DuckDB as the database and have not upgraded to a patched version, you are potentially affected by this SSRF vulnerability.
The recommended fix is to upgrade to a patched version of vanna-ai/vanna as soon as it becomes available. Until then, implement workarounds like restricting network access and input validation.
As of the current disclosure date, there are no confirmed reports of active exploitation, but the vulnerability's severity warrants immediate attention and mitigation.
Refer to the official vanna-ai project repository and security advisories for updates and the latest information regarding CVE-2024-8099.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.
Lade deine requirements.txt-Datei hoch und wir sagen dir sofort, ob du betroffen bist.