CVE-2024-3121 | parisneo lollms up to 5.9.0 create_conda_env env_name/python_version code injection

Posted by Angelo Barbosa | Jun 24, 2024 | CVE

A vulnerability was found in parisneo lollms up to 5.9.0. It has been declared as very critical. This vulnerability affects the function create_conda_env. The manipulation of the argument env_name/python_version leads to code injection.

This vulnerability was named CVE-2024-3121. The attack can be initiated remotely. There is no exploit available.

CVE-2024-3121 | parisneo lollms up to 5.9.0 create_conda_env env_name/python_version code injection

Related Posts

CVE-2024-25631 | Cilium up to 1.14.6 External kvstore missing encryption (GHSA-x989-52fc-4vr4)

CVE-2024-37568 | Authlib up to 1.3.0 Asymmetric Public Key jwt.decode Privilege Escalation (Issue 654)

CVE-2024-6007 | Netentsec NS-ASG Application Security Gateway 6.3 deleteiscgwrouteconf.php messagecontent sql injection

CVE-2024-4728 | Campcodes Legal Case Management System 1.0 /admin/court court_name cross site scripting