11 matches found
Arbitrary Code Execution
langchain is vulnerable to Arbitrary Code Execution. This vulnerability is caused by a flaw in the frommathprompt and fromcoloredobjectprompt functions, which could allow an attacker to execute arbitrary code on the victim's system by sending a specially crafted prompt...
GHSA-92J5-3459-QGP4 LangChain vulnerable to arbitrary code execution
An issue in Harrison Chase langchain before version 0.0.236 allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...
CVE-2023-38896
An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...
PYSEC-2023-146
An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...
Session fixation
An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
Design/Logic Flaw
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...