Vulnerabilities > Langchain > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-05 | CVE-2023-36095 | Code Injection vulnerability in Langchain 0.0.194 An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include from_math_prompt and from_colored_object_prompt. | 9.8 |
2023-07-06 | CVE-2023-36188 | Injection vulnerability in Langchain 0.0.64 An issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method. | 9.8 |
2023-07-03 | CVE-2023-36258 | Unspecified vulnerability in Langchain 0.0.199 An issue in LangChain before 0.0.236 allows an attacker to execute arbitrary code because Python code with os.system, exec, or eval can be used. | 9.8 |
2023-06-20 | CVE-2023-34541 | Unspecified vulnerability in Langchain 0.0.171 Langchain 0.0.171 is vulnerable to Arbitrary code execution in load_prompt. | 9.8 |
2023-06-14 | CVE-2023-34540 | Unspecified vulnerability in Langchain 0.0.171 Langchain before v0.0.225 was discovered to contain a remote code execution (RCE) vulnerability in the component JiraAPIWrapper (aka the JIRA API wrapper). | 9.8 |
2023-04-05 | CVE-2023-29374 | Injection vulnerability in Langchain In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method. | 9.8 |