PT-2024-38570 · Langchain Ai · Langchainjs
Name of the Vulnerable Software and Affected Versions: langchain-ai/langchainjs version 0.2.5 Description: A path traversal issue exists in the getFullPath method, allowing attackers to save files anywhere in the filesystem, overwrite existing text files, read .txt files, and delete files. The...