Lucene search
Veracode Vulnerability DatabaseVERACODE:41058HistoryJun 28, 2023 - 7:58 a.m.
Arbitrary Code Execution
2023-06-2807:58:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
langchain
arbitrary code execution
vulnerability
load_prompt method
software
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
54.8%
langchain is vulnerable to Arbitrary Code Execution. The vulnerability exists because it does not properly validate the load_prompt method, which allows an attacker to execute malicious code on the system.
Related
osv
osv
PYSEC-2023-92
2023-06-20 15:15:00
CVE-2023-34541
2023-06-20 15:15:11
Langchain vulnerable to arbitrary code execution
2023-06-20 15:31:09
prion
prion
Code injection
2023-06-20 15:15:00
nvd
nvd
CVE-2023-34541
2023-06-20 15:15:11
cve
cve
CVE-2023-34541
2023-06-20 15:15:11
cvelist
cvelist
CVE-2023-34541
2023-06-20 00:00:00
github
github
Langchain vulnerable to arbitrary code execution
2023-06-20 15:31:09
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
54.8%
Related for VERACODE:41058