CVE-2024-5998 | langchain-ai langchain up to 0.2.8 FAISS.deserialize_from_bytes deserialization

CVE-2024-5998 | langchain-ai langchain up to 0.2.8 FAISS.deserialize_from_bytes deserialization

A vulnerability, which was classified as problematic, has been found in langchain-ai langchain up to 0.2.8. Affected by this issue is the function FAISS.deserialize_from_bytes. The manipulation leads to deserialization. This vulnerability is handled as CVE-2024-5998. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.