Опубликовано: 29 июн. 2025
Источник: github
Github: Прошло ревью
CVSS4: 2.1
CVSS3: 4.3
Описание
Langchain-Chatchat vulnerable to path traversal
A vulnerability classified as problematic was found in chatchat-space Langchain-Chatchat up to 0.3.1. This vulnerability affects unknown code of the file /v1/files?purpose=assistants. The manipulation leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Пакеты
Наименование
langchain-chatchat
pip
Затронутые версииВерсия исправления
<= 0.3.1
Отсутствует
Связанные уязвимости
CVSS3: 4.3
nvd
7 месяцев назад
A vulnerability classified as problematic was found in chatchat-space Langchain-Chatchat up to 0.3.1. This vulnerability affects unknown code of the file /v1/files?purpose=assistants. The manipulation leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.