CVE-2023-36189: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
(updated )
SQL injection vulnerability in langchain v.0.0.64 allows a remote attacker to obtain sensitive information via the SQLDatabaseChain component.
References
Detect and mitigate CVE-2023-36189 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →