3 matches found
agentic-layer-testbench (>=0.9.1 <=0.9.3), agentic-qa (>=0.1.0 <=0.2.1) +56 more potentially affected by CVE-2025-45691 +1 more via ragas (>=0.2.6 <=0.4.3)
ragas PYPI version =0.2.6, =0.9.1, =0.1.0, =0.1.2, =0.1.0a1, =1.0.8, =0.1.6, =11.1.12, =0.20.24, =0.1.1, =1.0.0, =1.1.0, =0.1.0, =0.1.0, =0.1.4 and more Source cves: CVE-2025-45691, CVE-2026-6587 Source advisory: SNYK:PYTHON-RAGAS-16134617...
RAGAS has SSRF via Multi-Modal Faithfulness Collections Module
A security flaw has been discovered in vibrantlabsai RAGAS up to 0.4.3. The affected element is the function tryprocesslocalfile/tryprocessurl of the file src/ragas/metrics/collections/multimodalfaithfulness/util.py of the component Collections Module. Performing a manipulation of the argument...
langevals-ragas (>=0.1.10 <=0.1.17), llama-stack-provider-ragas (>=0.3.4 <=0.6.1) +1 more potentially affected by CVE-2025-45691 via ragas (>=0.2.6 <=0.3.0)
ragas PYPI version =0.2.6, =0.1.10, =0.3.4, =1.0.0, =1.0.1 Source cves: CVE-2025-45691 Source advisory: SNYK:PYTHON-RAGAS-15440561...