Description
PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PGVector and Cassandra knowledge-store create_collection() backends. Although schema, keyspace, and collection-name identifiers are validated, the dimension value (declared as int but not enforced at runtime) is interpolated directly into the vector column of the generated CREATE TABLE DDL. A caller able to influence collection-creation dimensions can pass a string such as '3); DROP TABLE tenant_secrets; --' to inject SQL/CQL tokens into the statement executed by the database driver.
Problem types
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Product status
Any version before 4.6.78
4.6.78 (semver)
Credits
rexpository
References
github.com/...isonAI/security/advisories/GHSA-wf65-4jjx-q444
github.com/...isonAI/security/advisories/GHSA-wf65-4jjx-q444 (GitHub Security Advisory (GHSA-wf65-4jjx-q444))
github.com/...ommit/3aa9cbc2bd49c23a32be0a89a5e620d13d843eab
www.vulncheck.com/...-sql-cql-injection-via-vector-dimension (VulnCheck Advisory: PraisonAI before 4.6.78 SQL/CQL Injection via vector dimension)