{
  "id": "CVE-2023-39659",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-08-15T17:15:12.930",
  "lastModified": "2023-08-15T17:15:41.713",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue in langchain langchain-ai v.0.0.232 and before allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool._run component."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://github.com/langchain-ai/langchain/issues/7700",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://github.com/langchain-ai/langchain/pull/5640",
      "source": "cve@mitre.org"
    }
  ]
}