6 matches found
CVE-2026-34936
PraisonAI is a multi-agent teams system. Prior to version 4.5.90, passthrough and apassthrough in praisonai accept a caller-controlled apibase parameter that is concatenated with endpoint and passed directly to httpx.Client.request when the litellm primary path raises AttributeError. No URL schem...
PYSEC-2024-186
RestrictedPython is a restricted execution environment for Python to run untrusted code. A user can gain access to protected and potentially sensible information indirectly via AttributeError.obj and the string module. The problem will be fixed in version 7.3. As a workaround, If the application...
UBUNTU-CVE-2024-47532
RestrictedPython is a restricted execution environment for Python to run untrusted code. A user can gain access to protected and potentially sensible information indirectly via AttributeError.obj and the string module. The problem will be fixed in version 7.3. As a workaround, If the application...
CVE-2024-47532 RestrictedPython information leakage via `AttributeError.obj` and the `string` module
RestrictedPython is a restricted execution environment for Python to run untrusted code. A user can gain access to protected and potentially sensible information indirectly via AttributeError.obj and the string module. The problem will be fixed in version 7.3. As a workaround, If the application...
CVE-2020-6860
libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute...
CVE-2017-13692
In Tidy 5.5.31, the IsURLCodePoint function in attrs.c allows attackers to cause a denial of service Segmentation Fault, as demonstrated by an invalid ISALNUM argument...