Lucene search
+L

5 matches found

vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.4 views

aiagentgraph (>=0.0.1 <=0.0.4a1), arcodeai (>=0.1.0 <=0.1.2) +48 more potentially affected by CVE-2024-10940 via langchain-core (>=0.2.0 <=0.2.41)

langchain-core PYPI version =0.2.0, =0.0.1, =0.1.0, =0.1.1, =0.4.1, =0.1.0, =0.1.3, =0.1.3, =0.0.1, =1.0.0, =0.1.4, =0.1.2, =0.3.1 and more Source cves: CVE-2024-10940 Source advisory: OSV:GHSA-5CHR-FJJV-38QV...

5.3CVSS6AI score0.00366EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/03/20 10:52 a.m.5 views

a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +451 more potentially affected by CVE-2024-10940 via langchain-core (>=0.0.1 <=0.1.52)

langchain-core PYPI version =0.0.1, =0.0.18, =0.0.1, =0.0.2, =0.0.1, =0.10.5, =0.0.0.dev0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.2, =0.2.0, =0.3.0 and more Source cves: CVE-2024-10940 Source advisory: SNYK:PYTHON-LANGCHAINCORE-9486546...

5.3CVSS6AI score0.00366EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/03/20 10:52 a.m.5 views

aiagentgraph (>=0.0.1 <=0.0.4a1), arcodeai (>=0.1.0 <=0.1.2) +47 more potentially affected by CVE-2024-10940 via langchain-core (>=0.2.0rc1 <=0.2.41)

langchain-core PYPI version =0.2.0rc1, =0.0.1, =0.1.0, =0.1.1, =0.4.1, =0.1.0, =0.1.3, =0.1.3, =0.0.1, =1.0.0, =0.1.4, =0.1.2, =0.3.1 and more Source cves: CVE-2024-10940 Source advisory: SNYK:PYTHON-LANGCHAINCORE-9486546...

5.3CVSS6AI score0.00366EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/03/20 10:8 a.m.5 views

CVE-2024-10940 Exposure of Sensitive System Information via ImagePromptTemplate in langchain-ai/langchain

A vulnerability in langchain-core versions =0.1.17,=0.2.0,=0.3.0,0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchaincore.prompts.ImagePromptTemplate's and by extension langchaincore.prompts.ChatPromptTemplate's...

5.3CVSS5.3AI score0.00366EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/20 10:8 a.m.12 views

CVE-2024-10940 Exposure of Sensitive System Information via ImagePromptTemplate in langchain-ai/langchain

A vulnerability in langchain-core versions =0.1.17,=0.2.0,=0.3.0,0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchaincore.prompts.ImagePromptTemplate's and by extension langchaincore.prompts.ChatPromptTemplate's...

5.3CVSS0.00366EPSS
Exploits0References2
Rows per page
Query Builder