langchain
PyPI package: 19 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting langchain (page 1 of 1)
- CVE-2023-29374 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 0.0.132 | 2023-04-05
vulnerable: 0.0.1 ... 0.0.99rc0 (133 versions)
In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method.
- CVE-2023-32786 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 0.0.329 | 2023-10-20
vulnerable: 0.0.1 ... 0.0.99rc0 (329 versions)
In Langchain through 0.0.155, prompt injection allows an attacker to force the service to retrieve data from an arbitrary URL, essentially providing SSRF and potentially injecting content into downstream tasks.
- CVE-2023-34540 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 0.0.225 | 2023-06-14
vulnerable: 0.0.1 ... 0.0.224 (226 versions)
Langchain before v0.0.225 was discovered to contain a remote code execution (RCE) vulnerability in the component JiraAPIWrapper (aka the JIRA API wrapper). This vulnerability allows attackers to execute arbitrary code via crafted input. As…
- CVE-2023-34541 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 0.0.247 | 2023-06-20
vulnerable: 0.0.1 ... 0.0.246 (250 versions)
Langchain 0.0.171 is vulnerable to Arbitrary code execution in load_prompt.
- CVE-2023-36095 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 0.0.236 | 2023-08-05
vulnerable: 0.0.1 ... 0.0.99rc0 (237 versions)
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include from_math_prompt and from_colored_object_prompt.
- CVE-2023-36188 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 0.0.247 | 2023-07-06
vulnerable: 0.0.1 ... 0.0.246 (250 versions)
An issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method.
- CVE-2023-36189 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 0.0.247 | 2023-07-06
vulnerable: 0.0.1 ... 0.0.246 (250 versions)
SQL injection vulnerability in langchain before v0.0.247 allows a remote attacker to obtain sensitive information via the SQLDatabaseChain component.
- CVE-2023-36258 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 0.0.247 | 2023-07-03
vulnerable: 0.0.1 ... 0.0.246 (250 versions)
An issue in LangChain before 0.0.236 allows an attacker to execute arbitrary code because Python code with os.system, exec, or eval can be used.
- CVE-2023-36281 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 0.0.171 | 2023-08-22
vulnerable: 0.0.1 ... 0.0.99rc0 (172 versions)
An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via a JSON file to load_prompt. This is related to __subclasses__ or a template.
- CVE-2023-38860 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 0.0.247 | 2023-08-15
vulnerable: 0.0.1 ... 0.0.99rc0 (250 versions)
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter.
- CVE-2023-38896 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 0.0.195 | 2023-08-15
vulnerable: 0.0.1 ... 0.0.99rc0 (196 versions)
An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions.
- CVE-2023-39631 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 0.0.308 | 2023-09-01
vulnerable: 0.0.1 ... 0.0.307 (309 versions)
An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library.
- CVE-2023-39659 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 0.0.233 | 2023-08-15
vulnerable: 0.0.1 ... 0.0.99rc0 (234 versions)
An issue in langchain langchain-ai v.0.0.232 and before allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool._run component.
- CVE-2023-46229 | HIGH | CVSS 8.8 | EG 8.8 | ✓ Fixed in 0.0.317 | 2023-10-19
vulnerable: 0.0.1 ... 0.0.99rc0 (318 versions)
LangChain before 0.0.317 allows SSRF via document_loaders/recursive_url_loader.py because crawling can proceed from an external server to an internal server.
- CVE-2024-0243 | HIGH | CVSS 8.1 | EG 8.1 | ✓ Fixed in 0.1.0 | 2024-02-26
vulnerable: 0.0.1 ... 0.0.99rc0 (365 versions)
With the following crawler configuration: `from bs4 import BeautifulSoup as Soup url = "https://example.com" loader = RecursiveUrlLoader( url=url, max_depth=2, extractor=lambda x: Soup(x, "html.parser").text ) docs = loader.…`
- CVE-2024-28088 | HIGH | CVSS 8.1 | EG 8.1 | ✓ Fixed in 0.1.11 | 2024-03-04
vulnerable: 0.0.1 ... 0.1.9 (376 versions)
LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the final part of the path parameter in a load_chain call. This bypasses the intended behavior of loading configurations only from the hwchase17/lan…
- CVE-2024-2965 | MEDIUM | CVSS 4.7 | EG 4.7 | ✓ Fixed in 0.2.5 | 2024-06-06
vulnerable: 0.0.1 ... 0.2.4 (393 versions)
A Denial-of-Service (DoS) vulnerability exists in the `SitemapLoader` class of the `langchain-ai/langchain` repository, affecting all versions. The `parse_sitemap` method, responsible for parsing sitemaps and extracting URLs, lacks a mecha…
- CVE-2024-3571 | HIGH | CVSS 8.8 | EG 8.8 | ✓ Fixed in 0.0.353 | 2024-04-16
vulnerable: 0.0.1 ... 0.0.99rc0 (363 versions)
langchain-ai/langchain is vulnerable to path traversal due to improper limitation of a pathname to a restricted directory ('Path Traversal') in its LocalFileStore functionality. An attacker can leverage this vulnerability to read or write …
- CVE-2024-8309 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 0.2.0 | 2024-10-29
vulnerable: 0.0.1 ... 0.2.0rc2 (388 versions)
A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service …