| Summary | An arbitrary code execution vulnerability exists in versions 0.2.9 up to 0.5.10 of the Guardrails AI Guardrails framework because of the way it validates XML files. If a victim user loads a maliciously crafted XML file containing Python code, the code will be passed to an eval function, causing it to execute on the user's machine. |
|---|---|
| Publication Date | Sept. 19, 2024, 12:15 a.m. |
| Registration Date | Sept. 19, 2024, 5 a.m. |
| Last Update | Sept. 20, 2024, 9:30 p.m. |