Langchain Langchain-experimental
4 CVEs affecting Langchain Langchain-experimental. Latest disclosed: 2024-09-19. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-46946 | Critical | 9.8 | 2024-09-19 | langchain_experimental (aka LangChain Experimental) 0.1.17 through 0.3.0 for LangChain allows attackers to execute arbitrary code through sympy.sympify (which… |
CVE-2024-27444 | Critical | 9.8 | 2024-02-26 | langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-44467 fix and execute arbitrary code vi… |
CVE-2024-21513 | High | 8.5 | 2024-07-15 | Versions of the package langchain-experimental from 0.0.15 and before 0.0.21 are vulnerable to Arbitrary Code Execution when retrieving values from the databas… |
CVE-2024-38459 | High | 7.8 | 2024-06-16 | langchain_experimental (aka LangChain Experimental) before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists bec… |