CVE-2024-3571 | langchain-ai langchain up to 0.0.352 LocalFileStore path traversal

Inserito da Angelo Barbosa | Apr 16, 2024 | CVE

A vulnerability classified as critical has been found in langchain-ai langchain up to 0.0.352. Affected is an unknown function of the component LocalFileStore. The manipulation leads to path traversal.

This vulnerability is traded as CVE-2024-3571. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3571 | langchain-ai langchain up to 0.0.352 LocalFileStore path traversal

Post correlati

CVE-2024-8622 | amCharts Plugin up to 1.4.4 on WordPress cross-site request forgery

CVE-2024-4130 | Lenovo App Store up to 9.0.16 uncontrolled search path

CVE-2024-22405 | MacPaw XADMaster up to 1.10.7 ZIP Archive permissions (GHSA-xg3c-r7w5-7xw2)

CVE-2024-46047 | Tenda FH451 1.0.0.9 fromDhcpListClient stack-based overflow