PyPI: langchain-experimental
CVE-2024-46946
Safety vulnerability ID: SFTY-20240919-33572
Safety legacy ID: pyup.io-73280
A vulnerability exists in affected versions of langchain_experimental, starting with the version that introduced LLMSymbolicMathChain, because the chain passes untrusted input directly to sympy.sympify, which uses eval() internally. This flaw allows attackers to execute arbitrary code via crafted mathematical expressions.
Overview
LangChain Experimental Eval Injection vulnerability
Advisory
How to Fix
Mitigation and Workarounds
---
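As an added illustration (not code from the langchain project or from this advisory), the check below shows the defence-in-depth pattern that applies to the sympify/eval() issue described above: tokenise an untrusted expression with Python's own tokenizer and accept it only if every token is a number, an allowlisted SymPy name, or a plain arithmetic operator, so that attribute access, indexing, strings, assignments and unknown identifiers are rejected before the string reaches sympy.sympify. The allowlist and the sympify_checked wrapper are assumptions for this example; a filter like this complements, rather than replaces, moving to a release that addresses CVE-2024-46946.

```python
import tokenize
from io import StringIO
from typing import Tuple

# Names an expression may reference: a small, assumed set of SymPy functions,
# constants and variables. Anything else (builtins, modules, dunder attributes)
# is rejected before the string ever reaches sympify()/eval().
ALLOWED_NAMES = {"sin", "cos", "tan", "exp", "log", "sqrt", "Abs",
                 "pi", "E", "x", "y", "z"}
# Arithmetic only: '.', '[', '{', '=' and ':' are deliberately absent, so
# attribute access, indexing, assignment and lambdas never get through.
ALLOWED_OPS = {"+", "-", "*", "/", "**", "^", "(", ")", ","}
# Tokens the tokenizer always emits around a single-line expression.
STRUCTURAL = {tokenize.NEWLINE, tokenize.NL, tokenize.ENDMARKER}


def check_expression(expr: str, max_len: int = 200) -> Tuple[bool, str]:
    """Return (ok, reason); ok is True only when every token is allowlisted."""
    if not expr.strip():
        return False, "empty expression"
    if len(expr) > max_len:
        return False, "expression too long"
    try:
        tokens = list(tokenize.generate_tokens(StringIO(expr).readline))
    except (tokenize.TokenError, SyntaxError):
        return False, "expression does not tokenize"
    depth = 0
    for tok in tokens:
        if tok.type in STRUCTURAL or tok.type == tokenize.NUMBER:
            continue
        if tok.type == tokenize.NAME:
            if tok.string in ALLOWED_NAMES:
                continue
            return False, f"name not allowed: {tok.string}"
        if tok.type == tokenize.OP and tok.string in ALLOWED_OPS:
            if tok.string == "(":
                depth += 1
            elif tok.string == ")":
                depth -= 1
                if depth < 0:
                    return False, "unbalanced parentheses"
            continue
        return False, f"token not allowed: {tok.string!r}"
    if depth != 0:
        return False, "unbalanced parentheses"
    return True, "ok"


def sympify_checked(expr: str):
    """Evaluate only expressions that pass check_expression(); sympy is
    imported lazily so the validator itself carries no sympy dependency."""
    ok, reason = check_expression(expr)
    if not ok:
        raise ValueError(f"rejected expression: {reason}")
    import sympy
    return sympy.sympify(expr)
```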
Vulnerable Functions
Functions linked to known vulnerabilities.
References
- https://getsafety.com/vulnerabilities/SFTY-20240919-33572/CVE-2024-46946
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46946
- https://github.com/advisories/GHSA-p2qj-r53j-h3xj
- https://github.com/langchain-ai/langchain/blob/19ce95d3c9d9787f5293550c448439cc786b76f5/libs/experimental/langchain_experimental/llm_symbolic_math/base.py#L61
- https://nvd.nist.gov/vuln/detail/CVE-2024-46946
- https://docs.sympy.org/latest/modules/codegen.html
- https://gist.github.com/12end/68c0c58d2564ef4141bccd4651480820#file-cve-2024-46946-txt
- https://github.com/langchain-ai/langchain/releases/tag/langchain-experimental%3D%3D0.3.0
Verified by Safety
Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.
