CVE-2023-39659

Name of the Vulnerable Software and Affected Versions langchain langchain-ai versions 0.0.232 and earlier langchain langchain-ai versions prior to 0.0.325

Description An issue in langchain langchain-ai allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool. run component.

Recommendations For versions 0.0.232 and earlier, update to version 0.0.325 or later. For versions prior to 0.0.325, update to version 0.0.325 or later. As a temporary workaround, consider disabling the PythonAstREPLTool. run component until a patch is available.