CVE-2024-28088 | LangChain up to 0.1.10 Configuration load_chain path path traversal

Posted by Angelo Barbosa | Mar 4, 2024 | CVE

A vulnerability classified as critical was found in LangChain up to 0.1.10. This vulnerability affects the function load_chain of the component Configuration Handler. The manipulation of the argument path leads to path traversal.

This vulnerability was named CVE-2024-28088. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-28088 | LangChain up to 0.1.10 Configuration load_chain path path traversal

Related Posts

CVE-2023-6492 | Simple Sitemap Plugin up to 3.5.13 on WordPress admin_notices cross-site request forgery

CVE-2024-8092 | Accordion Image Menu Plugin up to 3.1.3 on WordPress cross site scripting

CVE-2023-42959 | Apple macOS up to 13.x race condition

CVE-2024-0292 | Totolink LR1200GB 9.1.0u.6619_B20230130 /cgi-bin/cstecgi.cgi setOpModeCfg hostName os command injection