93 matches found
CVE-2024-39010
chase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function attemptNestedProperty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-39010
chase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function attemptNestedProperty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-39010
chase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function attemptNestedProperty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
Malicious code in down_load_ebook_branding_lo_que_necesita_saber_acerca_de_la_const_by_chase_barlow_patbz (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2024-2057
CVE-2024-2057 affects LangChain langchain_community 0.0.26, specifically the TFIDFRetriever’s load_local in libs/community/langchain_community/retrievers/tfidf.py. The vulnerability enables server-side request forgery (SSRF) and is exploitable remotely; public disclosure exists. Upgrading to 0.0....
chasehotelgroup.com Improper Access Control vulnerability OBB-3795523
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Wiz inducted into the JPMorgan Chase Hall of Innovation
We're excited to announce that JPMorgan Chase has made Wiz a new member of their Hall of Innovation!...
LangChain vulnerable to arbitrary code execution
An issue in Harrison Chase langchain before version 0.0.236 allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...
CVE-2023-38896
An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...
CVE-2023-38896
An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...
CVE-2023-38896
CVE-2023-38896 affects Harrison Chase LangChain up to and including versions before 0.0.236 (per OSV and GHSA) and up to v0.0.194 and earlier (per NVD). It enables remote arbitrary code execution via from_math_prompt and from_colored_object_prompt due to improper neutralization of user input. Imp...
CVE-2023-38896
An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...
PT-2023-26673 · Harrison Chase · Langchain
Name of the Vulnerable Software and Affected Versions: Harrison Chase langchain versions 0.0.194 and before Harrison Chase langchain versions prior to 0.0.236 Description: An issue in Harrison Chase langchain allows a remote attacker to execute arbitrary code via the from math prompt and from...
CVE-2023-38896
An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...
langchain Code Injection vulnerability
An issue in Harrison Chase langchain allows an attacker to execute arbitrary code via the PALChain,frommathpromptllm.run in the python exec method...
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
Design/Logic Flaw
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...