Arbitrary Code Injection
Overview guardrails-ai is an Adding guardrails to large language models. Affected versions of this package are vulnerable to Arbitrary Code Injection via the subprocess.checkoutput function. An attacker can execute arbitrary code by publishing a malicious package to the Hub, which is then install...