Количество 2
Количество 2
CVE-2023-44467
langchain_experimental (aka LangChain Experimental) in LangChain before 0.0.306 allows an attacker to bypass the CVE-2023-36258 fix and execute arbitrary code via __import__ in Python code, which is not prohibited by pal_chain/base.py.
GHSA-gjjr-63x4-v8cq
langchain_experimental vulnerable to arbitrary code execution via PALChain in the python exec method
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-44467 langchain_experimental (aka LangChain Experimental) in LangChain before 0.0.306 allows an attacker to bypass the CVE-2023-36258 fix and execute arbitrary code via __import__ in Python code, which is not prohibited by pal_chain/base.py. | CVSS3: 9.8 | 0% Низкий | больше 2 лет назад |
| GHSA-gjjr-63x4-v8cq langchain_experimental vulnerable to arbitrary code execution via PALChain in the python exec method | CVSS3: 9.8 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу