CVE-2023-32786

In Langchain through 0.0.155, prompt injection allows an attacker to force the service to retrieve data from an arbitrary URL, essentially providing SSRF and potentially injecting content into downstream tasks...

PT-2023-24018 · Langchain · Langchain

Name of the Vulnerable Software and Affected Versions: Langchain versions 0.0.155 and earlier Langchain versions prior to 0.0.247 Description: The issue allows for prompt injection, enabling the execution of arbitrary code against the SQL service provided by the chain. Recommendations: For...

PT-2023-24019

Name of the Vulnerable Software and Affected Versions Langchain versions 0.0.0 through 0.0.155 Langchain versions prior to 0.0.329 Description The issue allows an attacker to force the service to retrieve data from an arbitrary URL, essentially providing Server-Side Request Forgery SSRF and...

Langchain Injection Vulnerability

LangChain is built as an application using LLM through composability. Langchain 0.0.155 and prior versions are vulnerable to an injection vulnerability that stems from the presence of a SQL injection vulnerability...

Langchain Injection Vulnerability

LangChain is built as an application using LLM through composability. A security vulnerability exists in Langchain version 0.0.155 and earlier, which stems from the presence of a server request forgery SSRF vulnerability...

CVE-2023-32785

LangChain (CVE-2023-32785) is affected by a SQL Injection via prompt injection in the SQLDatabaseChain. Versions