PyPI: langchain

CVE-2024-21503

Safety vulnerability ID: SFTY-20240319-34923

Safety legacy ID: pyup.io-70875

Langchain version 0.1.14 addresses CVE-2024-21503, updating the "black" python linter from version 24.2.0 to 24.3.0. This update remedies a Regex-related denial of service vulnerability present in the earlier version.

PythonPyPINVDNVD
Created at: Nov 5, 2025Updated at: Nov 5, 2025

Overview

Langchain version 0.1.14 addresses CVE-2024-21503, updating the "black" python linter from version 24.2.0 to 24.3.0. This update remedies a Regex-related denial of service vulnerability present in the earlier version.

Advisory

Langchain version 0.1.14 addresses CVE-2024-21503, updating the "black" python linter from version 24.2.0 to 24.3.0. This update remedies a Regex-related denial of service vulnerability present in the earlier version.

Affected Package

Affecting langchain package, versions
<0.1.14

Also affects

---

How to Fix

Upgrade
langchain
to
0.1.14
or higher.

Mitigation and Workarounds

---

Vulnerable Functions

Functions linked to known vulnerabilities.

Vulnerable function data is available for Enterprise customers

Book a call with us to see Safety in action.

References

Safety

Verified by Safety

Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.

Learn more