Security Advisory

CVE-2024-27444

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-26 00:00:00

Last updated 2024-08-06 15:13:44

Assigner mitre

State PUBLISHED

Description

langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-44467 fix and execute arbitrary code via the __import__, __subclasses__, __builtins__, __globals__, __getattribute__, __bases__, __mro__, or __base__ attribute in Python code. These are not prohibited by pal_chain/base.py.

← Browse all CVEs View on cve.org ↗