PT-2023-24914 · Langchain · Langchain
0Gur1
·
Published
2023-06-20
·
Updated
2024-12-09
·
CVE-2023-34541
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Langchain version 0.0.171
Description
The issue concerns arbitrary code execution in the
load prompt function. This allows for potentially malicious code to be executed, posing a significant risk.Recommendations
For Langchain version 0.0.171, consider disabling the
load prompt function until a patch is available to prevent arbitrary code execution.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Langchain