CVE-2024-46946: 
Python vulnerability analysis and mitigation

A remote code execution vulnerability has been identified in langchain_experimental (aka LangChain Experimental) versions 0.1.17 through 0.3.0. The vulnerability exists in the LLMSymbolicMathChain component, which was introduced on October 5, 2023, in commit fcccde406dd9e9b05fc9babcbeb9ff527b0ec0c6. The vulnerability allows attackers to execute arbitrary code through sympy.sympify, which internally uses Python's eval() function (NVD, GitHub POC).

The vulnerability stems from the use of sympy.sympify() function in the LLMSymbolicMathChain component to evaluate mathematical expressions without proper input sanitization. The function internally uses Python's eval() function for expression evaluation, which can lead to arbitrary code execution if not properly restricted. The vulnerability has been assigned a CVSS v3.1 base score of 9.8 CRITICAL (Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) (NVD).

An attacker who can control the input to SymbolicMathChain could potentially execute arbitrary code on the system running the LangChain application. This could lead to full system compromise, allowing attackers to execute unauthorized commands with the privileges of the application running the vulnerable code (GitHub POC).

It is recommended to implement strict input validation and sanitization before passing any user-controlled input to sympy.sympify(). Organizations should consider using a whitelist of allowed mathematical operations and symbols, or explore alternative methods for safe mathematical expression evaluation. Users should upgrade to a version newer than 0.3.0 when available (GitHub POC).