PYSEC-2023-145

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/langchain/PYSEC-2023-145.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2023-145

Aliases

Published

2023-08-15T17:15:00Z

Modified

2023-11-01T05:02:39.364537Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter.

References

https://github.com/langchain-ai/langchain/issues/7641

Affected packages

PyPI / langchain

Package

Name: langchain; View open source insights on deps.dev
Purl: pkg:pypi/langchain

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.0.247

Affected versions

0.*

0.0.1

0.0.2

0.0.3

0.0.4

0.0.5

0.0.6

0.0.7

0.0.8

0.0.9

0.0.10

0.0.11

0.0.12

0.0.13

0.0.14

0.0.15

0.0.16

0.0.17

0.0.18

0.0.19

0.0.20

0.0.21

0.0.22

0.0.23

0.0.24

0.0.25

0.0.26

0.0.27

0.0.28

0.0.29

0.0.30

0.0.31

0.0.32

0.0.33

0.0.34

0.0.35

0.0.36

0.0.37

0.0.38

0.0.39

0.0.40

0.0.41

0.0.42

0.0.43

0.0.44

0.0.45

0.0.46

0.0.47

0.0.48

0.0.49

0.0.50

0.0.51

0.0.52

0.0.53

0.0.54

0.0.55

0.0.56

0.0.57

0.0.58

0.0.59

0.0.60

0.0.61

0.0.63

0.0.64

0.0.65

0.0.66

0.0.67

0.0.68

0.0.69

0.0.70

0.0.71

0.0.72

0.0.73

0.0.74

0.0.75

0.0.76

0.0.77

0.0.78

0.0.79

0.0.80

0.0.81

0.0.82

0.0.83

0.0.84

0.0.85

0.0.86

0.0.87

0.0.88

0.0.89

0.0.90

0.0.91

0.0.92

0.0.93

0.0.94

0.0.95

0.0.96

0.0.97

0.0.98

0.0.99rc0

0.0.99

0.0.100

0.0.101rc0

0.0.101

0.0.102rc0

0.0.102

0.0.103

0.0.104

0.0.105

0.0.106

0.0.107

0.0.108

0.0.109

0.0.110

0.0.111

0.0.112

0.0.113

0.0.114

0.0.115

0.0.116

0.0.117

0.0.118

0.0.119

0.0.120

0.0.121

0.0.122

0.0.123

0.0.124

0.0.125

0.0.126

0.0.127

0.0.128

0.0.129

0.0.130

0.0.131

0.0.132

0.0.133

0.0.134

0.0.135

0.0.136

0.0.137

0.0.138

0.0.139

0.0.140

0.0.141

0.0.142

0.0.143

0.0.144

0.0.145

0.0.146

0.0.147

0.0.148

0.0.149

0.0.150

0.0.151

0.0.152

0.0.153

0.0.154

0.0.155

0.0.156

0.0.157

0.0.158

0.0.159

0.0.160

0.0.161

0.0.162

0.0.163

0.0.164

0.0.165

0.0.166

0.0.167

0.0.168

0.0.169

0.0.170

0.0.171

0.0.172

0.0.173

0.0.174

0.0.175

0.0.176

0.0.177

0.0.178

0.0.179

0.0.180

0.0.181

0.0.182

0.0.183

0.0.184

0.0.185

0.0.186

0.0.187

0.0.188

0.0.189

0.0.190

0.0.191

0.0.192

0.0.193

0.0.194

0.0.195

0.0.196

0.0.197

0.0.198

0.0.199

0.0.200

0.0.201

0.0.202

0.0.203

0.0.204

0.0.205

0.0.206

0.0.207

0.0.208

0.0.209

0.0.210

0.0.211

0.0.212

0.0.213

0.0.214

0.0.215

0.0.216

0.0.217

0.0.218

0.0.219

0.0.220

0.0.221

0.0.222

0.0.223

0.0.224

0.0.225

0.0.226

0.0.227

0.0.228

0.0.229

0.0.230

0.0.231

0.0.232

0.0.233

0.0.234

0.0.235

0.0.236

0.0.237

0.0.238

0.0.239

0.0.240rc0

0.0.240rc1

0.0.240rc4

0.0.240

0.0.242

0.0.243

0.0.244

0.0.245

0.0.246

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/langchain/PYSEC-2023-145.yaml"