Known vulnerabilities in the lollms package. This does not include vulnerabilities belonging to this package’s dependencies.
Vulnerability | Vulnerable Version |
---|---|
lollms is a Python library for AI personality definition. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the How to fix Cross-site Scripting (XSS)? A fix was pushed into the | [0,) |
lollms is a Python library for AI personality definition. Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') through the How to fix Improper Control of Generation of Code ('Code Injection')? There is no fixed version for | [0,) |
lollms is a Python library for AI personality definition. Affected versions of this package are vulnerable to Path Traversal in speaker wav and output file paths. This vulnerability can be abused to write audio files compatible with XTTS to arbitrary locations on the system, and also enumerate such file paths on the system. How to fix Path Traversal? There is no fixed version for | [0,) |
lollms is a Python library for AI personality definition. Affected versions of this package are vulnerable to Path Traversal due to the possibility of performing an unauthenticated root folder settings change. An attacker can read arbitrary files on the system. Note: This vulnerability can be abused to write audio files compatible with XTTS to arbitrary locations on the system, and also enumerate such file paths on the system. How to fix Path Traversal? There is no fixed version for | [0,) |