Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2023-36281

Disclosure Date: August 22, 2023 (last updated November 17, 2023)
An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via a JSON file to load_prompt. This is related to __subclasses__ or a template.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-34541

Disclosure Date: June 20, 2023 (last updated October 08, 2023)
Langchain 0.0.171 is vulnerable to Arbitrary code execution in load_prompt.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-34540

Disclosure Date: June 14, 2023 (last updated March 14, 2024)
Langchain before v0.0.225 was discovered to contain a remote code execution (RCE) vulnerability in the component JiraAPIWrapper (aka the JIRA API wrapper). This vulnerability allows attackers to execute arbitrary code via crafted input. As noted in the "releases/tag" reference, a fix is available.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0