—
PYSEC-2023-18
상세
In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
참고
- https://twitter.com/rharang/status/1641899743608463365/photo/1 [WEB]
- https://github.com/hwchase17/langchain/pull/1119 [WEB]
- https://github.com/hwchase17/langchain/issues/814 [REPORT]
- https://github.com/hwchase17/langchain/issues/1026 [REPORT]
- https://github.com/advisories/GHSA-fprp-p869-w6q2 [ADVISORY]