2 matches found
agent-actors (=0.1.0), agent-lab-sdk (>=0.1.7 <=0.1.16) +347 more potentially affected by CVE-2024-3571 via langchain (>=0.0.100 <=0.0.352)
langchain PYPI version =0.0.100, =0.1.7, =0.2.1, =0.1.0, =0.1.0, =0.1.5, =0.0.2, =0.0.1, =0.0.1, =0.0.1, =0.8.0, =0.0.1, =0.1.8, =0.0.5, =0.0.6 and more Source cves: CVE-2024-3571 Source advisory: OSV:GHSA-RGP8-PM28-3759...
CVE-2024-3571 Path Traversal in langchain-ai/langchain
langchain-ai/langchain is vulnerable to path traversal due to improper limitation of a pathname to a restricted directory 'Path Traversal' in its LocalFileStore functionality. An attacker can leverage this vulnerability to read or write files anywhere on the filesystem, potentially leading to...