langchain-community@0.0.38 vulnerabilities

Community contributed LangChain integrations.

Direct Vulnerabilities

Known vulnerabilities in the langchain-community package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Uncontrolled Resource Consumption ('Resource Exhaustion')

Affected versions of this package are vulnerable to Uncontrolled Resource Consumption ('Resource Exhaustion') through the SitemapLoader class. An attacker can occupy server socket/port resources and crash the Python process by inducing an infinite loop via recursive sitemap URL references.

How to fix Uncontrolled Resource Consumption ('Resource Exhaustion')?

Upgrade langchain-community to version 0.2.5 or higher.

[,0.2.5)