216.73.216.133

CVE-2024-6961

· Published 21/07/2024 11:15 · Modified 21/07/2024 11:15

Labels: CVE-2024-6961 2024-07-21CVE-2024-6961[email protected]

Essential information

Published
21/07/2024 11:15
Modified
21/07/2024 11:15
Author
Creator
CVSS
5.9 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS metrics

Description

RAIL documents are an XML-based format invented by Guardrails AI to enforce formatting checks on LLM outputs. Guardrails users that consume RAIL documents from external sources are vulnerable to XXE, which may cause leakage of internal file data via the SYSTEM entity.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References