6 matches found
CVE-2026-34148
Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to 1.9.6, 1.10.5, 2.0.8, and 2.1.1, @fedify/fedify follows HTTP redirects recursively in its remote document loader and authenticated document loader without enforcing a maximum redirect count or...
PT-2026-30656
Name of the Vulnerable Software and Affected Versions: Fedify versions prior to 1.9.6, 1.10.5, 2.0.8, and 2.1.1 Description: Fedify does not enforce a maximum redirect count or visited-URL loop detection when following HTTP redirects in its remote and authenticated document loaders. An attacker...
EUVD-2023-0119
Malicious code in bioql PyPI...
CVE-2023-46229
LangChain before 0.0.317 allows SSRF via documentloaders/recursiveurlloader.py because crawling can proceed from an external server to an internal server...
CVE-2023-46229
LangChain before 0.0.317 allows SSRF via documentloaders/recursiveurlloader.py because crawling can proceed from an external server to an internal server...
Server side request forgery (ssrf)
LangChain before 0.0.317 allows SSRF via documentloaders/recursiveurlloader.py because crawling can proceed from an external server to an internal server...