Vulnerability Description
LangChain4j-AIDeepin is a Retrieval enhancement generation (RAG) project. Prior to 3.5.0, LangChain4j-AIDeepin uses MD5 to hash files, which may cause file upload conflicts. This issue is fixed in 3.5.0.
Related Weaknesses (CWE)
References
- https://github.com/moyangzhan/langchain4j-aideepin/commit/3cf625c5044a151a8cbcbd
- https://github.com/moyangzhan/langchain4j-aideepin/security/advisories/GHSA-cv5r
FAQ
What is CVE-2025-21604?
CVE-2025-21604 is a documented vulnerability. LangChain4j-AIDeepin is a Retrieval enhancement generation (RAG) project. Prior to 3.5.0, LangChain4j-AIDeepin uses MD5 to hash files, which may cause file upload conflicts. This issue is fixed in 3.5...
How severe is CVE-2025-21604?
CVSS scoring is not yet available for CVE-2025-21604. Check NVD for updates.
Is there a patch for CVE-2025-21604?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.