CVE-2024-1455 | langchain-ai LangChain XMLOutputParser xml entity expansion

Inserito da Angelo Barbosa | Mar 26, 2024 | CVE

A vulnerability classified as problematic has been found in langchain-ai LangChain. This affects the function XMLOutputParser. The manipulation leads to xml entity expansion.

This vulnerability is uniquely identified as CVE-2024-1455. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-1455 | langchain-ai LangChain XMLOutputParser xml entity expansion

Post correlati

CVE-2024-7520 | Mozilla Firefox up to 128 WebAssembly type confusion

CVE-2024-50079 | Linux Kernel up to 6.11.4 io_uring_cancel_generic state issue (887ba598d9cf/8f7033aa4089)

CVE-2023-6200 | Linux Kernel up to 6.7-rc6 ICMPv6 Router Advertisement Packet race condition

CVE-2024-28745 | AbemaTV ABEMA App prior 10.65.0 on Android access control