5 matches found
apsbot (>=0.2.0 <=0.3.1), askagent (>=0.1.0 <=0.1.1) +35 more potentially affected by CVE-2024-38459 via langchain-experimental (>=0.0.10 <=0.0.60)
langchain-experimental PYPI version =0.0.10, =0.2.0, =0.1.0, =0.0.3, =0.1.1, =0.0.1a1, =0.0.1, =0.1.0, =0.1.4, =0.1.0, =0.1.21, =0.1.27 - lang-wrapper-for-rag =0.0.1 and more Source cves: CVE-2024-38459 Source advisory: OSV:PYSEC-2024-53...
CVE-2024-38459
CVE-2024-38459 affects langchain_experimental before 0.0.61. The issue allows Python REPL access without an opt-in step, a residual from an incomplete fix for CVE-2024-27444. Impact is described as high with local attack vector, requiring user interaction, and involving potential total impact to ...
CVE-2024-38459
langchainexperimental aka LangChain Experimental before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444...
CVE-2024-38459
langchainexperimental aka LangChain Experimental before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444...
CVE-2024-38459
langchainexperimental aka LangChain Experimental before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444...