Security Advisory

CVE-2024-23730

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-21 00:00:00

Last updated 2025-05-30 14:23:56

Assigner mitre

State PUBLISHED

Description

The OpenAPI and ChatGPT plugin loaders in LlamaHub (aka llama-hub) before 0.0.67 allow attackers to execute arbitrary code because safe_load is not used for YAML.

← Browse all CVEs View on cve.org ↗