An issue in LangChain before 0.0.236 allows an attacker to execute arbitrary code because Python code with os.system, exec, or eval can be used.
References
Link | Resource |
---|---|
https://github.com/hwchase17/langchain/issues/5872 | Exploit Issue Tracking Mitigation |
https://github.com/hwchase17/langchain/issues/5872 | Exploit Issue Tracking Mitigation |
Configurations
History
22 Nov 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-94 |
21 Nov 2024, 08:09
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/hwchase17/langchain/issues/5872 - Exploit, Issue Tracking, Mitigation |
26 Feb 2024, 16:27
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) An issue in LangChain before 0.0.236 allows an attacker to execute arbitrary code because Python code with os.system, exec, or eval can be used. |
Information
Published : 2023-07-03 21:15
Updated : 2024-11-22 17:15
NVD link : CVE-2023-36258
Mitre link : CVE-2023-36258
CVE.ORG link : CVE-2023-36258
JSON object : View
Products Affected
langchain
- langchain
CWE