CVE-2024-8309 | langchain-ai langchain up to 0.2.x GraphCypherQAChain sql injection

Posted by Angelo Barbosa | Oct 29, 2024 | CVE

A vulnerability was found in langchain-ai langchain up to 0.2.x. It has been classified as critical. Affected is the function GraphCypherQAChain. The manipulation leads to sql injection.

This vulnerability is traded as CVE-2024-8309. The attack needs to be approached locally. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-8309 | langchain-ai langchain up to 0.2.x GraphCypherQAChain sql injection

Related Posts

CVE-2024-27138 | Apache Archiva up to 2.0.0 User Registration authorization

CVE-2024-0978 | My Private Site Plugin up to 3.0.14 on WordPress REST API information disclosure

CVE-2024-7682 | code-projects Job Portal 1.0 rw_i_nat.php id sql injection

CVE-2024-8418 | Aardvark-dns 1.12.0/1.12.1 TCP Query denial of service