PyPI package
llama-hub
pkg:pypi/llama-hub
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-23730 | — | < 0.0.67 | 0.0.67 | Jan 21, 2024 | The OpenAPI and ChatGPT plugin loaders in LlamaHub (aka llama-hub) before 0.0.67 allow attackers to execute arbitrary code because safe_load is not used for YAML. |
- CVE-2024-23730Jan 21, 2024affected < 0.0.67fixed 0.0.67
The OpenAPI and ChatGPT plugin loaders in LlamaHub (aka llama-hub) before 0.0.67 allow attackers to execute arbitrary code because safe_load is not used for YAML.