4 matches found
CVE-2023-34540
Langchain before v0.0.225 was discovered to contain a remote code execution RCE vulnerability in the component JiraAPIWrapper aka the JIRA API wrapper. This vulnerability allows attackers to execute arbitrary code via crafted input. As noted in the "releases/tag" reference, a fix is available...
agent-actors (=0.1.0), agent-reader (>=0.2.1 <=0.2.2) +143 more potentially affected by CVE-2023-34540 via langchain (>=0.0.100 <=0.0.224)
langchain PYPI version =0.0.100, =0.2.1, =0.1.0, =0.1.5, =0.0.1, =0.0.1, =0.0.1, =0.0.5, =0.0.14, =0.1.9, =0.0.33, =0.2.0, =0.1.3, =0.1.1, =0.1.18 and more Source cves: CVE-2023-34540 Source advisory: OSV:PYSEC-2023-91...
CVE-2023-34540
Summary: Langchain before v0.0.225 contains a remote code execution vulnerability in the JiraAPIWrapper. The flaw allows an attacker to execute arbitrary code via crafted input in the wrapper component. A fix is available, referenced by the v0.0.225 release notes. Affected scope (from connected d...
CVE-2023-34540
Langchain before v0.0.225 was discovered to contain a remote code execution RCE vulnerability in the component JiraAPIWrapper aka the JIRA API wrapper. This vulnerability allows attackers to execute arbitrary code via crafted input. As noted in the "releases/tag" reference, a fix is available...