Lucene search
HistoryFeb 26, 2024 - 4:28 p.m.
CVE-2024-27444
cve-2024-27444
langchain
langchain experimental
bypass
arbitrary code
python
security vulnerability
langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-44467 fix and execute arbitrary code via the import, subclasses, builtins, globals, getattribute, bases, mro, or base attribute in Python code. These are not prohibited by pal_chain/base.py.
Related
nvd
nvd
osv
osv
CVE-2024-27444
2024-02-26 16:28:00
LangChain Experimental vulnerable to arbitrary code execution
2024-02-26 18:30:31
langchain_experimental Code Execution via Python REPL access
2024-06-16 15:30:44
github
github
LangChain Experimental vulnerable to arbitrary code execution
2024-02-26 18:30:31
langchain_experimental Code Execution via Python REPL access
2024-06-16 15:30:44
prion
prion
Authentication flaw
2024-02-26 16:28:00
Design/Logic Flaw
2023-10-09 20:15:00
cvelist
cvelist
veracode
veracode
Arbitrary Code Execution
2024-02-27 09:32:18
Code Injection
2023-10-11 06:12:48
vulnrichment
vulnrichment
CVE-2024-38459
2024-06-16 00:00:00
cve
cve
CVE-2024-38459
2024-06-16 15:15:51
CVE-2023-44467
2023-10-09 20:15:10