Vulnerability	Vulnerable Version
M Uncontrolled Resource Consumption ('Resource Exhaustion') Affected versions of this package are vulnerable to Uncontrolled Resource Consumption ('Resource Exhaustion') through the `SitemapLoader` class. An attacker can occupy server socket/port resources and crash the Python process by inducing an infinite loop via recursive sitemap URL references. How to fix Uncontrolled Resource Consumption ('Resource Exhaustion')? Upgrade `langchain-community` to version 0.2.5 or higher.	[,0.2.5)
M Server-Side Request Forgery (SSRF) Affected versions of this package are vulnerable to Server-Side Request Forgery (SSRF) due to the `load_local` function. An attacker can perform actions on behalf of the server or access unauthorized information by sending crafted requests to the vulnerable function. How to fix Server-Side Request Forgery (SSRF)? Upgrade `langchain-community` to version 0.0.27 or higher.	[,0.0.27)

Uncontrolled Resource Consumption ('Resource Exhaustion')

Affected versions of this package are vulnerable to Uncontrolled Resource Consumption ('Resource Exhaustion') through the SitemapLoader class. An attacker can occupy server socket/port resources and crash the Python process by inducing an infinite loop via recursive sitemap URL references.

How to fix Uncontrolled Resource Consumption ('Resource Exhaustion')?

Upgrade langchain-community to version 0.2.5 or higher.

[,0.2.5)

Server-Side Request Forgery (SSRF)

Affected versions of this package are vulnerable to Server-Side Request Forgery (SSRF) due to the load_local function. An attacker can perform actions on behalf of the server or access unauthorized information by sending crafted requests to the vulnerable function.

How to fix Server-Side Request Forgery (SSRF)?

Upgrade langchain-community to version 0.0.27 or higher.

[,0.0.27)

Go back to all versions of this package