Lucene search
+L

93 matches found

Vulnrichment
Vulnrichment
added 2024/07/30 12:0 a.m.9 views

CVE-2024-39010

chase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function attemptNestedProperty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

8.2AI score0.00912EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/30 12:0 a.m.23 views

CVE-2024-39010

chase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function attemptNestedProperty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

0.00912EPSS
Exploits1References1
OSV
OSV
added 2024/07/30 12:0 a.m.16 views

CVE-2024-39010

chase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function attemptNestedProperty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

9.8CVSS8.2AI score0.00912EPSS
Exploits1References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 12:38 p.m.4 views

Malicious code in down_load_ebook_branding_lo_que_necesita_saber_acerca_de_la_const_by_chase_barlow_patbz (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
CVE
CVE
added 2024/03/01 11:31 a.m.90 views

CVE-2024-2057

CVE-2024-2057 affects LangChain langchain_community 0.0.26, specifically the TFIDFRetriever’s load_local in libs/community/langchain_community/retrievers/tfidf.py. The vulnerability enables server-side request forgery (SSRF) and is exploitable remotely; public disclosure exists. Upgrading to 0.0....

9.8CVSS6.5AI score0.00578EPSS
Exploits0References5Affected Software1
Openbugbounty
Openbugbounty
added 2023/11/27 1:9 a.m.8 views

chasehotelgroup.com Improper Access Control vulnerability OBB-3795523

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/11/02 4:19 p.m.23 views

Wiz inducted into the JPMorgan Chase Hall of Innovation

We're excited to announce that JPMorgan Chase has made Wiz a new member of their Hall of Innovation!...

7.2AI score
Exploits0
Github Security Blog
Github Security Blog
added 2023/08/15 6:31 p.m.23 views

LangChain vulnerable to arbitrary code execution

An issue in Harrison Chase langchain before version 0.0.236 allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...

9.8CVSS9.7AI score0.01515EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2023/08/15 5:15 p.m.19 views

CVE-2023-38896

An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...

9.8CVSS9.6AI score0.01515EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/08/15 12:0 a.m.15 views

CVE-2023-38896

An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...

7.8AI score0.01515EPSS
Exploits1References3
CVE
CVE
added 2023/08/15 12:0 a.m.76 views

CVE-2023-38896

CVE-2023-38896 affects Harrison Chase LangChain up to and including versions before 0.0.236 (per OSV and GHSA) and up to v0.0.194 and earlier (per NVD). It enables remote arbitrary code execution via from_math_prompt and from_colored_object_prompt due to improper neutralization of user input. Imp...

9.8CVSS9.6AI score0.01515EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/08/15 12:0 a.m.29 views

CVE-2023-38896

An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...

9.9AI score0.01515EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/08/15 12:0 a.m.6 views

PT-2023-26673 · Harrison Chase · Langchain

Name of the Vulnerable Software and Affected Versions: Harrison Chase langchain versions 0.0.194 and before Harrison Chase langchain versions prior to 0.0.236 Description: An issue in Harrison Chase langchain allows a remote attacker to execute arbitrary code via the from math prompt and from...

9.8CVSS9.6AI score0.01515EPSS
Exploits1References14
OSV
OSV
added 2023/08/15 12:0 a.m.18 views

CVE-2023-38896

An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...

9.8CVSS8.1AI score0.01515EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2023/08/05 3:30 a.m.106 views

langchain Code Injection vulnerability

An issue in Harrison Chase langchain allows an attacker to execute arbitrary code via the PALChain,frommathpromptllm.run in the python exec method...

9.8CVSS7.8AI score0.01062EPSS
Exploits1References11Affected Software1
NVD
NVD
added 2023/08/05 3:15 a.m.26 views

CVE-2023-36095

An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...

9.8CVSS9.7AI score0.01062EPSS
Exploits1References2
Prion
Prion
added 2023/08/05 3:15 a.m.23 views

Design/Logic Flaw

An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...

7.5CVSS9.7AI score0.01062EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/05 12:0 a.m.16 views

CVE-2023-36095

An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...

7.7AI score0.01062EPSS
Exploits1References2
OSV
OSV
added 2023/08/05 12:0 a.m.22 views

CVE-2023-36095

An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...

9.8CVSS8AI score0.01062EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/08/05 12:0 a.m.36 views

CVE-2023-36095

An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...

9.9AI score0.01062EPSS
Exploits1References2
Rows per page
Query Builder