Количество 2
Количество 2
CVE-2025-6518
A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/single_llm_call.py of the component Jinja2 Template Handler. The manipulation of the argument user_message leads to improper neutralization of special elements used in a template engine. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
GHSA-8gff-cf92-72pv
pyspur Incomplete Filtering of Special Elements allowed by SingleLLMCallNode function
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-6518 A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/single_llm_call.py of the component Jinja2 Template Handler. The manipulation of the argument user_message leads to improper neutralization of special elements used in a template engine. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | CVSS3: 6.3 | 0% Низкий | 8 месяцев назад |
| GHSA-8gff-cf92-72pv pyspur Incomplete Filtering of Special Elements allowed by SingleLLMCallNode function | CVSS3: 6.3 | 0% Низкий | 8 месяцев назад |
Уязвимостей на страницу