Langchain: >> Langchain >> 0.0.171 Security Vulnerabilities
An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-08-15
An issue in langchain langchain-ai v.0.0.232 and before allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool._run component.
CVSS Score
9.8
EPSS Score
0.013
Published
2023-08-15
Langchain 0.0.171 is vulnerable to Arbitrary code execution in load_prompt.
CVSS Score
9.8
EPSS Score
0.009
Published
2023-06-20
Langchain before v0.0.225 was discovered to contain a remote code execution (RCE) vulnerability in the component JiraAPIWrapper (aka the JIRA API wrapper). This vulnerability allows attackers to execute arbitrary code via crafted input. As noted in the "releases/tag" reference, a fix is available.
CVSS Score
9.8
EPSS Score
0.017
Published
2023-06-14
Page 2