4 matches found
PYSEC-2023-146
An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...
LangChain Injection Vulnerability
LangChain is used to build applications using LLM through composability. A security vulnerability exists in langchain version 0.0.194 and earlier versions, which results from arbitrary code execution via the frommathprompt and fromcoloredobjectprompt functions...
PYSEC-2023-138
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
LangChain Code Injection Vulnerability
LangChain is used to build applications using LLM through composability. A code injection vulnerability exists in Harrison Chase langchain version v.0.0.194, which stems from an arbitrary code execution vulnerability in frommathpromptllm.run...