agent-actors (=0.1.0), agentverse (>=0.1.5 <=0.1.8.1) +106 more potentially affected by CVE-2023-38896 via langchain (>=0.0.100 <=0.0.194)

langchain PYPI version =0.0.100, =0.1.5, =0.0.1, =0.0.1, =0.0.5, =0.0.14, =0.2.0, =0.1.3, =0.1.1, =5.2.0, =0.1.1, =0.35.0, =0.0.0, =0.1.0, =0.1.2 and more Source cves: CVE-2023-38896 Source advisory: OSV:PYSEC-2023-146...

PYSEC-2023-146

An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the frommathprompt and fromcoloredobjectprompt functions...

LangChain Injection Vulnerability

LangChain is used to build applications using LLM through composability. A security vulnerability exists in langchain version 0.0.194 and earlier versions, which results from arbitrary code execution via the frommathprompt and fromcoloredobjectprompt functions...

CVE-2023-36095

An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...

LangChain Code Injection Vulnerability

LangChain is used to build applications using LLM through composability. A code injection vulnerability exists in Harrison Chase langchain version v.0.0.194, which stems from an arbitrary code execution vulnerability in frommathpromptllm.run...

PT-2023-25427 · Harrison Chase · Langchain

Name of the Vulnerable Software and Affected Versions: Harrison Chase langchain version 0.0.194 Description: The issue allows an attacker to execute arbitrary code via the python exec calls in the PALChain. Affected functions include from math prompt and from colored object prompt, specifically...