GHSA-FPRP-P869-W6Q2 LangChain vulnerable to code injection

In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method...

PYSEC-2023-18

In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method...

Design/Logic Flaw

In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method...

CVE-2023-29374

CVE-2023-29374 affects LangChain up to version 0.0.131. The vulnerability lies in the LLMMathChain chain, enabling prompt injection that can execute arbitrary Python code via the built-in exec() method. The NVD/CVE data indicate a high-severity issue (CVSS v3.1: 9.8, CRITICAL) with network attack...

LangChain 注入漏洞

LangChain is used to build applications using LLM through composability. A security vulnerability exists in LangChain 0.0.131 and earlier versions, which stems from a fast injection attack that allows an attacker to execute arbitrary code...