CVE-2024-28088 | LangChain up to 0.1.10 Configuration load_chain path path traversal

Posted by Angelo Barbosa | Mar 4, 2024 | CVE

A vulnerability classified as critical was found in LangChain up to 0.1.10. This vulnerability affects the function load_chain of the component Configuration Handler. The manipulation of the argument path leads to path traversal.

This vulnerability was named CVE-2024-28088. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-28088 | LangChain up to 0.1.10 Configuration load_chain path path traversal

Related Posts

CVE-2024-28878 | IOSiX IO-1020 Micro ELD prior 360 code download (icsa-24-093-01)

CVE-2024-5502 | Piotnet Addons for Elementor Plugin up to 2.4.30 on WordPress Widget cross site scripting

CVE-2024-10917 | Eclipse Open J9 up to 0.47.0 JNI GetStringUTFLength integer overflow (Issue 47)

CVE-2024-47292 | Huawei HarmonyOS/EMUI Bluetooth Module path traversal