Langchain: >> Langchain >> 0.0.64 Security Vulnerabilities
An issue in langchain langchain-ai v.0.0.232 and before allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool._run component.
CVSS Score
9.8
EPSS Score
0.012
Published
2023-08-15
An issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method.
CVSS Score
9.8
EPSS Score
0.066
Published
2023-07-06
SQL injection vulnerability in langchain before v0.0.247 allows a remote attacker to obtain sensitive information via the SQLDatabaseChain component.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-07-06
In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method.
CVSS Score
9.8
EPSS Score
0.038
Published
2023-04-05
Page 2