GHSA-X32C-59V5-H7FG Langchain OS Command Injection vulnerability

Langchain before v0.0.225 was discovered to contain a remote code execution RCE vulnerability in the component JiraAPIWrapper aka the JIRA API wrapper. This vulnerability allows attackers to execute arbitrary code via crafted input. As noted in the "releases/tag" reference, a fix is available...

PT-2023-24913 · Langchain · Langchain

Name of the Vulnerable Software and Affected Versions: Langchain versions prior to 0.0.225 Description: The issue allows attackers to execute arbitrary code via crafted input, specifically through the JiraAPIWrapper component. This enables the execution of arbitrary code, potentially leading to...