chore(deps): update dependency langchain-core to v0.3.15 [security] #85

renovate-bot · 2025-03-21T16:53:23Z

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
langchain-core (changelog)	`==0.3.6` -> `==0.3.15`

GitHub Vulnerability Alerts

CVE-2024-10940

A vulnerability in langchain-core versions >=0.1.17,<0.1.53, >=0.2.0,<0.2.43, and >=0.3.0,<0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchain_core.prompts.ImagePromptTemplate's (and by extension langchain_core.prompts.ChatPromptTemplate's) with input variables that can read any user-specified path from the server file system. If the outputs of these prompt templates are exposed to the user, either directly or through downstream model outputs, it can lead to the exposure of sensitive information.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

dpebot · 2025-03-21T16:53:30Z

/gcbrun

dpebot · 2025-05-28T09:40:54Z

/gcbrun

dpebot · 2025-05-28T23:04:53Z

/gcbrun

dpebot · 2025-05-29T05:29:37Z

/gcbrun

dpebot · 2025-05-29T14:02:10Z

/gcbrun

dpebot · 2025-05-30T02:46:03Z

/gcbrun

dpebot · 2025-05-30T11:52:02Z

/gcbrun

dpebot · 2025-05-30T21:29:48Z

/gcbrun

dpebot · 2025-05-31T07:02:18Z

/gcbrun

dpebot · 2025-05-31T14:28:13Z

/gcbrun

dpebot · 2025-05-31T21:20:48Z

/gcbrun

dpebot · 2025-06-01T04:56:26Z

/gcbrun

dpebot · 2025-06-01T13:43:16Z

/gcbrun

dpebot · 2025-06-02T05:12:12Z

/gcbrun

dpebot · 2025-06-02T13:24:01Z

/gcbrun

dpebot · 2025-06-02T23:11:07Z

/gcbrun

dpebot · 2025-06-03T05:56:52Z

/gcbrun

dpebot · 2025-06-03T18:57:27Z

/gcbrun

dpebot · 2025-06-04T04:47:26Z

/gcbrun

dpebot · 2025-06-04T17:42:53Z

/gcbrun

dpebot · 2025-06-05T00:33:44Z

/gcbrun

dpebot · 2025-06-05T11:49:46Z

/gcbrun

dpebot · 2025-06-07T01:28:51Z

/gcbrun

dpebot · 2025-06-07T08:37:32Z

/gcbrun

dpebot · 2025-06-07T16:35:26Z

/gcbrun

dpebot · 2025-06-08T00:35:47Z

/gcbrun

dpebot · 2025-06-08T13:04:12Z

/gcbrun

dpebot · 2025-06-08T21:45:59Z

/gcbrun

renovate-bot requested review from a team as code owners March 21, 2025 16:53

blunderbuss-gcf bot assigned loeng2023 Mar 21, 2025

product-auto-label bot added the api: cloudsql-sqlserver Issues related to the googleapis/langchain-google-cloud-sql-mssql-python API. label Mar 21, 2025

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 96829b0 to 2feb378 Compare May 28, 2025 09:40

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 2feb378 to 2d24bf2 Compare May 28, 2025 23:04

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 2d24bf2 to 94f1d72 Compare May 29, 2025 05:29

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 94f1d72 to 8f97bcb Compare May 29, 2025 14:02

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 8f97bcb to c895ca1 Compare May 30, 2025 02:45

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from c895ca1 to 1cb6047 Compare May 30, 2025 11:51

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 1cb6047 to 1aea5dc Compare May 30, 2025 21:29

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 1aea5dc to 5c13305 Compare May 31, 2025 07:02

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 5c13305 to 9596162 Compare May 31, 2025 14:28

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 9596162 to 9e725a3 Compare May 31, 2025 21:20

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 9e725a3 to 6033b01 Compare June 1, 2025 04:56

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 6033b01 to e168155 Compare June 1, 2025 13:43

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from e168155 to af93972 Compare June 1, 2025 20:46

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 376fa89 to cbb4d34 Compare June 2, 2025 13:23

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from cbb4d34 to 6087044 Compare June 2, 2025 23:11

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 6087044 to cb56ae2 Compare June 3, 2025 05:56

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from cb56ae2 to 5f6509b Compare June 3, 2025 18:57

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 5f6509b to a7ef531 Compare June 4, 2025 04:47

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from a7ef531 to 2222c27 Compare June 4, 2025 17:42

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 2222c27 to 05bd58f Compare June 5, 2025 00:33

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 05bd58f to f9f95e8 Compare June 5, 2025 11:49

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from f9f95e8 to c7fe661 Compare June 7, 2025 01:28

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from c7fe661 to 1516698 Compare June 7, 2025 08:37

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 1516698 to 6a97331 Compare June 7, 2025 16:35

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 6a97331 to 3f94c23 Compare June 8, 2025 00:35

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 3f94c23 to 477419d Compare June 8, 2025 13:04

chore(deps): update dependency langchain-core to v0.3.15 [security]

8d64c9d

renovate-bot force-pushed the renovate/pypi-langchain-core-vulnerability branch from 477419d to 8d64c9d Compare June 8, 2025 21:45

chore(deps): update dependency langchain-core to v0.3.15 [security] #85

Are you sure you want to change the base?

chore(deps): update dependency langchain-core to v0.3.15 [security] #85

Uh oh!

Conversation

renovate-bot commented Mar 21, 2025

GitHub Vulnerability Alerts

CVE-2024-10940

Configuration

Uh oh!

dpebot commented Mar 21, 2025

Uh oh!

dpebot commented May 28, 2025

Uh oh!

dpebot commented May 28, 2025

Uh oh!

dpebot commented May 29, 2025

Uh oh!

dpebot commented May 29, 2025

Uh oh!

dpebot commented May 30, 2025

Uh oh!

dpebot commented May 30, 2025

Uh oh!

dpebot commented May 30, 2025

Uh oh!

dpebot commented May 31, 2025

Uh oh!

dpebot commented May 31, 2025

Uh oh!

dpebot commented May 31, 2025

Uh oh!

dpebot commented Jun 1, 2025

Uh oh!

dpebot commented Jun 1, 2025

Uh oh!

dpebot commented Jun 2, 2025

Uh oh!

dpebot commented Jun 2, 2025

Uh oh!

dpebot commented Jun 2, 2025

Uh oh!

dpebot commented Jun 3, 2025

Uh oh!

dpebot commented Jun 3, 2025

Uh oh!

dpebot commented Jun 4, 2025

Uh oh!

dpebot commented Jun 4, 2025

Uh oh!

dpebot commented Jun 5, 2025

Uh oh!

dpebot commented Jun 5, 2025

Uh oh!

dpebot commented Jun 7, 2025

Uh oh!

dpebot commented Jun 7, 2025

Uh oh!

dpebot commented Jun 7, 2025

Uh oh!

dpebot commented Jun 8, 2025

Uh oh!

dpebot commented Jun 8, 2025

Uh oh!

dpebot commented Jun 8, 2025

Uh oh!

Uh oh!

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.