5 matches found
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
agent-actors (=0.1.0), agent-reader (>=0.2.1 <=0.2.2) +162 more potentially affected by CVE-2023-36095 via langchain (>=0.0.100 <=0.0.235)
langchain PYPI version =0.0.100, =0.2.1, =0.1.0, =0.1.5, =0.0.1, =0.0.1, =0.0.1, =0.0.5, =0.0.14, =0.1.9, =0.0.33, =0.1.0a0, =0.2.0, =0.1.3, =0.1.5 and more Source cves: CVE-2023-36095 Source advisory: OSV:GHSA-GWQQ-6VQ7-5J86...
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
CVE-2023-36095
LangChain v0.0.194 is affected by a code-injection vulnerability (CVE-2023-36095) via the PALChain, enabling an attacker to execute arbitrary Python code through exec calls in from_math_prompt and from_colored_object_prompt. Reported impacts include high severity with potential full compromise; C...