CVE-2024-2057 | Harrison Chase LangChain 0.1.9 tfidf.py load_local server-side request forgery

CVE-2024-2057 | Harrison Chase LangChain 0.1.9 tfidf.py load_local server-side request forgery

A vulnerability was found in Harrison Chase LangChain 0.1.9. It has been classified as critical. Affected is the function load_local in the library libs/community/langchain_community/retrievers/tfidf.py. The manipulation leads to server-side request forgery. This vulnerability is traded as CVE-2024-2057. It is possible to launch the attack remotely. Furthermore, there is an exploit available.