Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:40111
HistoryApr 11, 2023 - 5:32 p.m.

Arbitrary Code Execution

2023-04-1117:32:33
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
arbitrary code execution
python
prompt injection

0.002 Low

EPSS

Percentile

54.6%

JSON

langchain is vulnerable to Arbitrary Code Execution.The vulnerability exists in the _process_llm_result function due to the insecure usage of the Python exec method, which allows an attacker to carry out prompt injection attacks resulting in arbitrary code execution.

CPENameOperatorVersion
langchainle0.0.141
langchainle0.0.141

Related

osv 3
prion 1
github 1
cve 1
cvelist 1
nvd 1
osv
osv
PYSEC-2023-18
2023-04-05 02:15:00
CVE-2023-29374
2023-04-05 02:15:37
LangChain vulnerable to code injection
2023-04-05 03:30:17
prion
prion
Design/Logic Flaw
2023-04-05 02:15:00
github
github
LangChain vulnerable to code injection
2023-04-05 03:30:17
cve
cve
CVE-2023-29374
2023-04-05 02:15:37
cvelist
cvelist
CVE-2023-29374
2023-04-05 00:00:00
nvd
nvd
CVE-2023-29374
2023-04-05 02:15:37

0.002 Low

EPSS

Percentile

54.6%

JSON
Related for VERACODE:40111
osv3prion1github1cve1cvelist1nvd1