llm-sandbox is vulnerable to Command Injection
Score: 85 (High Risk)
Affected versions of this package are vulnerable to command injection and path traversal due to insufficient validation and sanitization of user-controlled file paths and command arguments. File paths passed to container runtime operations are incorporated into shell commands without proper quoting, allowing an attacker to inject arbitrary commands. Additionally, destination paths used when copying files into containers are not validated, allowing traversal sequences such as .. to escape intended sandbox directories. Successful exploitation may result in arbitrary command execution within the container or access to unintended filesystem locations. The issue is fixed by properly quoting command arguments and validating container paths to prevent traversal sequences.
You are affected if you are using a version that falls within the vulnerable range.
llm-sandbox is vulnerable to Command Injection in versions 0.0.1 - 0.3.34.
Upgrade the llm-sandbox library to the patched version.
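An added illustration of the two fixes the advisory names, quoting command arguments and rejecting traversal sequences in container destination paths. This is not llm-sandbox's own code: SANDBOX_ROOT, the function names and the sample inputs are assumptions constructed for the example.

```python
import posixpath
import shlex

SANDBOX_ROOT = "/sandbox"  # assumed workspace root, not taken from llm-sandbox


def unsafe_mkdir_command(path: str) -> str:
    """Flawed pattern: the path is pasted into a shell string unquoted."""
    return f"mkdir -p {path}"


def safe_mkdir_command(path: str) -> str:
    """Quote the path so the shell receives it as exactly one argument."""
    # "--" stops option parsing, so a path starting with "-" is not a flag.
    return f"mkdir -p -- {shlex.quote(path)}"


def resolve_container_path(dest: str, root: str = SANDBOX_ROOT) -> str:
    """Return the normalized destination, or raise if it leaves root."""
    if "\x00" in dest:
        raise ValueError("NUL byte in path")
    # Relative paths are anchored at root; absolute paths are kept and checked.
    candidate = posixpath.normpath(posixpath.join(root, dest))
    prefix = root.rstrip("/") + "/"
    if candidate != root and not candidate.startswith(prefix):
        raise ValueError(f"destination escapes {root}: {dest!r}")
    return candidate


if __name__ == "__main__":
    # Constructed sample inputs.
    name = "out; echo injected"
    print(shlex.split(unsafe_mkdir_command(name)))  # path splits into several words
    print(shlex.split(safe_mkdir_command(name)))    # path stays one argument
    for dest in ("data/in.csv", "../etc/passwd", "/sandbox-other/x"):
        try:
            print(dest, "->", resolve_container_path(dest))
        except ValueError as exc:
            print(dest, "-> rejected:", exc)
```

The path check is purely lexical, so it does not account for symlinks that already exist inside the container. Passing arguments as a list to an exec-style API, where the runtime offers one, avoids the shell entirely.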