langchain-community@0.2.0 vulnerabilities

Community contributed LangChain integrations.

latest version

0.2.5
latest non vulnerable version

0.2.5
first published

7 months ago
latest version published

10 days ago
licenses detected
- MIT
  [0,)
View langchain-community package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the langchain-community package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Uncontrolled Resource Consumption ('Resource Exhaustion') Affected versions of this package are vulnerable to Uncontrolled Resource Consumption ('Resource Exhaustion') through the `SitemapLoader` class. An attacker can occupy server socket/port resources and crash the Python process by inducing an infinite loop via recursive sitemap URL references. How to fix Uncontrolled Resource Consumption ('Resource Exhaustion')? Upgrade `langchain-community` to version 0.2.5 or higher.	[,0.2.5)

Uncontrolled Resource Consumption ('Resource Exhaustion')

Affected versions of this package are vulnerable to Uncontrolled Resource Consumption ('Resource Exhaustion') through the SitemapLoader class. An attacker can occupy server socket/port resources and crash the Python process by inducing an infinite loop via recursive sitemap URL references.

How to fix Uncontrolled Resource Consumption ('Resource Exhaustion')?

Upgrade langchain-community to version 0.2.5 or higher.

[,0.2.5)

Go back to all versions of this package

langchain-community@0.2.0 vulnerabilities

Community contributed LangChain integrations.

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities