CVE-2024-3121

creationtimestamp| type| source ---|---|--- 2025-07-22 09:00:04+00:00| published-proof-of-concept| Telegram/qhX3xr89BIwKtdbCw4aj7nCv1kS1RppnrElOVH2el3Pmc 2025-07-22 15:00:06+00:00| published-proof-of-concept| Telegram/n1xxTDW4DKAqfoFBBrei6KNyXkL9LVReMZ-BWNrHaTz0OZY...

CVE-2024-3121

A remote code execution vulnerability exists in the createcondaenv function of the parisneo/lollms repository, version 5.9.0. The vulnerability arises from the use of shell=True in the subprocess.Popen function, which allows an attacker to inject arbitrary commands by manipulating the envname and...

CVE-2024-3121

Parisneo/lollms version 5.9.0 is affected by CVE-2024-3121. The issue resides in create_conda_env, where unsafely using subprocess.Popen with shell=True injects commands via env_name and python_version, enabling Remote Code Execution. The vulnerability is demonstrated by potential execution of co...

CVE-2024-3121 Remote Code Execution in create_conda_env function in parisneo/lollms

A remote code execution vulnerability exists in the createcondaenv function of the parisneo/lollms repository, version 5.9.0. The vulnerability arises from the use of shell=True in the subprocess.Popen function, which allows an attacker to inject arbitrary commands by manipulating the envname and...

CVE-2024-3121 Remote Code Execution in create_conda_env function in parisneo/lollms

A remote code execution vulnerability exists in the createcondaenv function of the parisneo/lollms repository, version 5.9.0. The vulnerability arises from the use of shell=True in the subprocess.Popen function, which allows an attacker to inject arbitrary commands by manipulating the envname and...

Rocky Linux 8 : httpd:2.4 (RLSA-2024:3121)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3121 advisory. httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 modhttp2: reset requests exhaust memory incomplete fix of CVE-2023-44487 CVE-2023-45802...

Oracle Linux 8 : httpd:2.4 (ELSA-2024-3121)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3121 advisory. - Resolves: RHEL-14448 - httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 - Resolves: RHEL-29817 - httpd:2.4/modhttp2: httpd:...

RHEL 8 : httpd:2.4 (RHSA-2024:3121)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3121 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modmacro:...

Moderate: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...