4 matches found
LangChain < 0.2.4 RCE
The remote host contains a langchain version that is prior to 0.2.4. It is, therefore, affected by a vulnerability in the FAISS.deserializefrombytes function of langchain-ai/langchain which allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands v...
CVE-2024-5998
A vulnerability in the FAISS.deserializefrombytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects the latest version of the product...
CVE-2024-5998 Deserialization of Untrusted Data in langchain-ai/langchain
A vulnerability in the FAISS.deserializefrombytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects the latest version of the product...
CVE-2024-5998 Deserialization of Untrusted Data in langchain-ai/langchain
A vulnerability in the FAISS.deserializefrombytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects the latest version of the product...