Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:25 a.m.10 views

CVE-2024-0243

With the following crawler configuration: python from bs4 import BeautifulSoup as Soup url = "https://example.com" loader = RecursiveUrlLoader url=url, maxdepth=2, extractor=lambda x: Soupx, "html.parser".text docs = loader.load An attacker in control of the contents of https://example.com could...

8.1CVSS7.8AI score0.00517EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2024/02/26 6:30 p.m.4 views

a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +379 more potentially affected by CVE-2024-0243 via langchain (>=0.0.100 <=0.0.96)

langchain PYPI version =0.0.100, =0.1.7, =0.2.1, =0.1.0, =0.1.0, =0.1.5, =0.0.2, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.8.0, =0.8.5 and more Source cves: CVE-2024-0243 Source advisory: OSV:GHSA-H9J7-5XVC-QHG5...

8.1CVSS5.8AI score0.00517EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2024/02/26 4:27 p.m.3 views

genai-agents (>=0.1.0 <=0.1.3), openagi (>=0.1.0b0 <=0.1.0b4) potentially affected by CVE-2024-0243 via langchain-exa (=0.0.1)

langchain-exa PYPI version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on langchain-exa and may be impacted: - genai-agents =0.1.0, =0.1.0b0, =0.1.0b4 Source cves: CVE-2024-0243 Source advisory: OSV:PYSEC-2024-235...

8.1CVSS6.1AI score0.00517EPSS
Exploits1
NVD
NVD
added 2024/02/26 4:27 p.m.9 views

CVE-2024-0243

With the following crawler configuration: python from bs4 import BeautifulSoup as Soup url = "https://example.com" loader = RecursiveUrlLoader url=url, maxdepth=2, extractor=lambda x: Soupx, "html.parser".text docs = loader.load An attacker in control of the contents of https://example.com could...

8.1CVSS4AI score0.00517EPSS
Exploits1References3
OSV
OSV
added 2024/02/24 5:59 p.m.15 views

CVE-2024-0243 Server-side Request Forgery In Recursive URL Loader

With the following crawler configuration: python from bs4 import BeautifulSoup as Soup url = "https://example.com" loader = RecursiveUrlLoader url=url, maxdepth=2, extractor=lambda x: Soupx, "html.parser".text docs = loader.load An attacker in control of the contents of https://example.com could...

3.7CVSS6.3AI score0.00517EPSS
Exploits1References5
CVE
CVE
added 2024/02/24 5:59 p.m.89 views

CVE-2024-0243

LangChain’s CVE-2024-0243 describes an SSRF in the RecursiveUrlLoader used by LangChain, where an attacker controlling the content at a base URL (e.g., https://example.com) can inject links that cause the crawler to fetch external URLs despite prevent_outside being set. The issue is fixed in the ...

8.1CVSS3.8AI score0.00517EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder