VYPR

langchain_experimental

by Langchain AI

Source repositories

CVEs (2)

  • CVE-2024-46946Sep 19, 2024
    risk 0.00cvss epss 0.01

    langchain_experimental (aka LangChain Experimental) 0.1.17 through 0.3.0 for LangChain allows attackers to execute arbitrary code through sympy.sympify (which uses eval) in LLMSymbolicMathChain. LLMSymbolicMathChain was introduced in fcccde406dd9e9b05fc9babcbeb9ff527b0ec0c6…

  • CVE-2023-44467Oct 9, 2023
    risk 0.00cvss epss 0.01

    langchain_experimental (aka LangChain Experimental) in LangChain before 0.0.306 allows an attacker to bypass the CVE-2023-36258 fix and execute arbitrary code via __import__ in Python code, which is not prohibited by pal_chain/base.py.