Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:45647
HistoryFeb 27, 2024 - 9:32 a.m.

Arbitrary Code Execution

2024-02-2709:32:18
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
arbitrary code execution
langchain
command execution
vulnerability
software

7.9 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

langchain is vulnerable to Arbitrary Code Execution. The vulnerability is due to lack of prohibition against the command execution attributes in pal_chain/base.py. The attacker can execute arbitrary commands via these attributes.

Related

osv 5
nvd 2
github 2
cvelist 2
vulnrichment 1
cve 2
prion 1
osv
osv
CVE-2024-27444
2024-02-26 16:28:00
LangChain Experimental vulnerable to arbitrary code execution
2024-02-26 18:30:31
langchain_experimental Code Execution via Python REPL access
2024-06-16 15:30:44
nvd
nvd
CVE-2024-38459
2024-06-16 15:15:51
CVE-2024-27444
2024-02-26 16:28:00
github
github
langchain_experimental Code Execution via Python REPL access
2024-06-16 15:30:44
LangChain Experimental vulnerable to arbitrary code execution
2024-02-26 18:30:31
cvelist
cvelist
CVE-2024-38459
2024-06-16 00:00:00
CVE-2024-27444
2024-02-26 00:00:00
vulnrichment
vulnrichment
CVE-2024-38459
2024-06-16 00:00:00
cve
cve
CVE-2024-38459
2024-06-16 15:15:51
CVE-2024-27444
2024-02-26 16:28:00
prion
prion
Authentication flaw
2024-02-26 16:28:00

7.9 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for VERACODE:45647
osv5nvd2github2cvelist2vulnrichment1cve2prion1