Количество 2
Количество 2
CVE-2024-46946
langchain_experimental (aka LangChain Experimental) 0.1.17 through 0.3.0 for LangChain allows attackers to execute arbitrary code through sympy.sympify (which uses eval) in LLMSymbolicMathChain. LLMSymbolicMathChain was introduced in fcccde406dd9e9b05fc9babcbeb9ff527b0ec0c6 (2023-10-05).
GHSA-p2qj-r53j-h3xj
LangChain Experimental Eval Injection vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-46946 langchain_experimental (aka LangChain Experimental) 0.1.17 through 0.3.0 for LangChain allows attackers to execute arbitrary code through sympy.sympify (which uses eval) in LLMSymbolicMathChain. LLMSymbolicMathChain was introduced in fcccde406dd9e9b05fc9babcbeb9ff527b0ec0c6 (2023-10-05). | CVSS3: 9.8 | 0% Низкий | больше 1 года назад |
| GHSA-p2qj-r53j-h3xj LangChain Experimental Eval Injection vulnerability | CVSS3: 9.8 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу