langchain@0.3.0-rc.0 vulnerabilities

Typescript bindings for langchain

Known vulnerabilities in the langchain package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
L SQL Injection langchain is a Typescript bindings for langchain Affected versions of this package are vulnerable to SQL Injection via the default configuration of the `GraphCypherQAChain` class, by manipulating entities in the graph database through prompt injection. How to fix SQL Injection? Upgrade `langchain` to version 0.3.3 or higher.	<0.3.3