Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-wmvm-9vqv-5qpp: langchain_experimental Code Execution via Python REPL access

langchain_experimental (aka LangChain Experimental) before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444.

ghsa
#git#ssl

langchain_experimental Code Execution via Python REPL access

Moderate severity GitHub Reviewed Published Jun 16, 2024 to the GitHub Advisory Database • Updated Jun 17, 2024

ghsa: Latest News

GHSA-rhm9-gp5p-5248: Gradio vulnerable to arbitrary file read with File and UploadButton components