Lucene search
+L

4 matches found

Tenable Nessus
Tenable Nessus
added 2025/01/08 12:0 a.m.11 views

LangChain < 0.2.9 Vulnerability - CVE-2024-5998

The version of LangChain installed on the remote host is prior to 0.2.9. It is, therefore, affected by a deserialization vulnerability in the FAISS.deserializefrombytes function. This can lead to the execution of arbitrary commands via the os.system function. Note that Nessus has not tested for...

7.8CVSS6.5AI score0.00358EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2024/09/17 12:30 p.m.6 views

a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +346 more potentially affected by CVE-2024-5998 via langchain-community (>=0.0.1 <=0.2.1)

langchain-community PYPI version =0.0.1, =0.1.0, =0.0.2, =0.1.0, =0.0.18, =0.2.0, =0.0.1, =0.0.2, =0.0.1, =0.0.1, =0.19.0, =0.30.0 and more Source cves: CVE-2024-5998 Source advisory: SNYK:PYTHON-LANGCHAINCOMMUNITY-11356595...

7.8CVSS6AI score0.00358EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2024/09/17 11:50 a.m.15 views

CVE-2024-5998 Deserialization of Untrusted Data in langchain-ai/langchain

A vulnerability in the FAISS.deserializefrombytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects the latest version of the product...

5.2CVSS7.4AI score0.00358EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/09/17 11:50 a.m.44 views

CVE-2024-5998 Deserialization of Untrusted Data in langchain-ai/langchain

A vulnerability in the FAISS.deserializefrombytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects the latest version of the product...

5.2CVSS0.00358EPSS
Exploits1References2
Rows per page
Query Builder