CRITICAL 9.8

GHSA-8h5w-f6q9-wg35

Langchain SQL Injection vulnerability

Details

In Langchain before 0.0.247, prompt injection allows execution of arbitrary code against the SQL service provided by the chain.

Affected packages

PyPI / langchain
Introduced in: 0
Fixed in: 0.0.247
Fix: pip install --upgrade 'langchain>=0.0.247'
