Lucene search

CVE-2024-7774 Path Traversal in langchain-ai/langchainjs

🗓️ 29 Oct 2024 12:21:49Reported by @huntr_aiType

Path Traversal in langchain-ai/langchainjs version 0.2.5

Reporter	Title	Published	Views	Family All 9
OSV	CGA-pmgr-vj55-v49h	26 Nov 202415:21	–	osv
OSV	PYSEC-2024-111	29 Oct 202413:15	–	osv
OSV	Langchain Path Traversal vulnerability	29 Oct 202415:32	–	osv
OSV	CVE-2024-7774	29 Oct 202413:15	–	osv
Vulnrichment	CVE-2024-7774 Path Traversal in langchain-ai/langchainjs	29 Oct 202412:49	–	vulnrichment
NVD	CVE-2024-7774	29 Oct 202413:15	–	nvd
CVE	CVE-2024-7774	29 Oct 202413:15	–	cve
Tenable Nessus	LangChain < 0.2.5 Arbitrary File Write	8 Jan 202500:00	–	nessus
Github Security Blog	Langchain Path Traversal vulnerability	29 Oct 202415:32	–	github

[
  {
    "vendor": "langchain-ai",
    "product": "langchain-ai/langchainjs",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "0.2.19",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
huntr	www.huntr.com/bounties/8fe40685-b714-4191-af7a-3de5e5628cee
github	www.github.com/langchain-ai/langchainjs/commit/a0fad77d6b569e5872bd4a9d33be0c0785e538a9

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 Oct 2024 12:49Current

CVSS36.5

EPSS0.001

CWE-29