CVE-2024-5998 | langchain-ai langchain up to 0.2.8 FAISS.deserialize_from_bytes deserialization

Inserito da Angelo Barbosa | Set 17, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in langchain-ai langchain up to 0.2.8. Affected by this issue is the function FAISS.deserialize_from_bytes. The manipulation leads to deserialization.

This vulnerability is handled as CVE-2024-5998. It is possible to launch the attack on the physical device. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-5998 | langchain-ai langchain up to 0.2.8 FAISS.deserialize_from_bytes deserialization

Post correlati

CVE-2024-41924 | EC-CUBE PHP Package access control

CVE-2024-50507 | Daniel Schmitzer DS.DownloadList Plugin up to 1.3 on WordPress deserialization

CVE-2023-1111 | FastCMS up to 0.1.5 New Article Tab Title cross site scripting (I8ERNV)

CVE-2023-32190 | SUSE openSUSE Tumbleweed up to 37.0 Local Privilege Escalation