CRITICAL 9.8

PYSEC-2023-162

Details

An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library.

Enter the version of the package you're using.

Introduced in: 0 Fixed in: 0.0.308

Fix pip install --upgrade 'langchain>=0.0.308'