CVE-2024-48141

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
2
PROJECTS

Description

A prompt injection vulnerability in the chatbox of Zhipu AI CodeGeeX v2.17.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message.

soursec/CVEs
soursec/CVEs
This repository contains CVEs assigned to me.
GitHubGitHub
6
CodeGeeX: AI Coding Assistant
CodeGeeX: AI Coding Assistant
CodeGeeX is an AI-based coding assistant, which can suggest code in the current or following lines. It is powered by a large-scale multilingual code generation model with 13 billion parameters, pretrained on a large code corpus of more than 20 programming languages.
Visual Studio MarketplaceVisual Studio Marketplace