CVE-2024-3121 | parisneo lollms up to 5.9.0 create_conda_env env_name/python_version code injection

Inserito da Angelo Barbosa | Giu 24, 2024 | CVE

A vulnerability was found in parisneo lollms up to 5.9.0. It has been declared as very critical. This vulnerability affects the function create_conda_env. The manipulation of the argument env_name/python_version leads to code injection.

This vulnerability was named CVE-2024-3121. The attack can be initiated remotely. There is no exploit available.

CVE-2024-3121 | parisneo lollms up to 5.9.0 create_conda_env env_name/python_version code injection

Post correlati

CVE-2024-36801 | SEMCMS 4.8 Download.php lgid sql injection

CVE-2024-0645 | explorerplusplus Explorer++.exe 1.3.5.531 Filename memory corruption

CVE-2022-48624 | less up to 605 filename.c close_altfile Privilege Escalation

CVE-2024-41803 | xibosignage xibo-cms up to 3.3.11/4.0.13 sql injection (GHSA-hpc5-mxfq-44hv)