8 matches found
EUVD-2024-0055
Malicious code in bioql PyPI...
CVE-2024-23731
The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument...
CVE-2024-23730
The OpenAPI and ChatGPT plugin loaders in LlamaHub aka llama-hub before 0.0.67 allow attackers to execute arbitrary code because safeload is not used for YAML...
GHSA-RHHJ-5436-95VF Code execution in Embedchain
The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument...
PYSEC-2024-7
The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument...
Design/Logic Flaw
The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument...
PT-2024-20040 · Llamahub · Llamahub
Name of the Vulnerable Software and Affected Versions: LlamaHub aka llama-hub versions prior to 0.0.67 Description: The OpenAPI and ChatGPT plugin loaders in LlamaHub allow attackers to execute arbitrary code because safe load is not used for YAML. This issue enables attackers to execute arbitrar...
CVE-2024-23731
The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument...