Langchain Js
1 CVEs
product
Monthly
A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langchainjs version 0.2.5. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Path Traversal
Langchain Js
NVD
GitHub
CVSS 3.1
9.1
EPSS
0.5%
CVE-2024-7774
npm
EPSS 1%
CVSS 9.1
CRITICAL
POC
PATCH
Act Now
A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langchainjs version 0.2.5. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Path Traversal
Langchain Js
NVD
GitHub