Ragas
Monthly
Server-side request forgery in vibrantlabsai RAGAS up to version 0.4.3 allows authenticated remote attackers to manipulate the retrieved_contexts argument in the Collections Module's _try_process_local_file and _try_process_url functions, enabling arbitrary file reads and network requests with the application's privileges. Publicly available exploit code exists; the vendor has not responded to early disclosure attempts despite the security patch for related CVE-2025-45691 being applied to a different module only.
An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in Exploding Gradients RAGAS v0.2.3 to v0.2.14. The vulnerability stems from improper validation and sanitization of URLs supplied in the retrieved_contexts parameter when handling multimodal inputs. [CVSS 7.5 HIGH]
Server-side request forgery in vibrantlabsai RAGAS up to version 0.4.3 allows authenticated remote attackers to manipulate the retrieved_contexts argument in the Collections Module's _try_process_local_file and _try_process_url functions, enabling arbitrary file reads and network requests with the application's privileges. Publicly available exploit code exists; the vendor has not responded to early disclosure attempts despite the security patch for related CVE-2025-45691 being applied to a different module only.
An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in Exploding Gradients RAGAS v0.2.3 to v0.2.14. The vulnerability stems from improper validation and sanitization of URLs supplied in the retrieved_contexts parameter when handling multimodal inputs. [CVSS 7.5 HIGH]