Lucene search

@huntr_aiCVE-2024-5998

HistorySep 17, 2024 - 12:15 p.m.

CVE-2024-5998

2024-09-1712:15:02

CWE-502

@huntr_ai

web.nvd.nist.gov

vulnerability

faiss

deserialize_from_bytes

arbitrary commands

os.system

langchain-ai

pickle deserialization

untrusted data

latest version

security issue

CVSS3

5.2

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L

AI Score

5.7

Confidence

High

EPSS

Percentile

9.6%

JSON

A vulnerability in the FAISS.deserialize_from_bytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects the latest version of the product.

Affected configurations

Vulners

Vulnrichment

Node

langchain-ailangchain-ai\/langchainMatch0.2.9

VendorProductVersionCPE
langchain-ailangchain-ai\/langchain0.2.9cpe:2.3:a:langchain-ai:langchain-ai\/langchain:0.2.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
langchain-ai	langchain-ai\/langchain	0.2.9	cpe:2.3:a:langchain-ai:langchain-ai\/langchain:0.2.9:::::::*

CNA Affected

[
  {
    "vendor": "langchain-ai",
    "product": "langchain-ai/langchain",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "0.2.9",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/langchain-ai/langchain/commit/604dfe2d99246b0c09f047c604f0c63eafba31e7

huntr.com/bounties/fa3a2753-57c3-4e08-a176-d7a3ffda28fe