langchain-core 0.1.12rc1 vulnerabilities

Known vulnerabilities in the langchain-core package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H Exposure of Sensitive System Information to an Unauthorized Control Sphere langchain-core is a Building applications with LLMs through composability Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere in the `ImagePromptTemplate` in `image.py`, which can be instantiated with input variables that can contains paths exposing files from the underlying filesystem. The output of the prompt template may be exposed to the model and subsequently the unauthorized user. How to fix Exposure of Sensitive System Information to an Unauthorized Control Sphere? Upgrade `langchain-core` to version 0.1.53, 0.2.43, 0.3.15 or higher.	[,0.1.53)[0.2.0rc1,0.2.43)[0.3.0.dev0,0.3.15)
M Improper Restriction of XML External Entity Reference langchain-core is a Building applications with LLMs through composability Affected versions of this package are vulnerable to Improper Restriction of XML External Entity Reference due to the `XMLOutputParser` using the `etree` module from the XML parser in the standard python library, which is known to have vulnerabilities. This issue primarily affects users that combine an LLM (or agent) with the `XMLOutputParser` and expose the component via an endpoint on a web-service. A malicious party could attempt to manipulate the LLM to produce a malicious payload for the parser, compromising the availability of the service. Note: This is only exploitable if `XMLOutputParser` is used Malicious input is passed into the `XMLOutputParser` either directly or by trying to manipulate an LLM to do so on the user's behalf The component is exposed via a web-service. How to fix Improper Restriction of XML External Entity Reference? Upgrade `langchain-core` to version 0.1.34 or higher.	[,0.1.34)
C Path Traversal langchain-core is a Building applications with LLMs through composability Affected versions of this package are vulnerable to Path Traversal due to improper validation of user-supplied input in the `load_chain` call. An attacker can achieve remote code execution or disclose sensitive information by manipulating the path parameter to traverse directories and load configurations or execute code not intended by the application. Notes: This is only exploitable if the attacker can control the final part of the path parameter. `llm_bash_chain` is an experimental feature. How to fix Path Traversal? Upgrade `langchain-core` to version 0.1.31 or higher.	[,0.1.31)

Vulnerability

Vulnerable Version

Exposure of Sensitive System Information to an Unauthorized Control Sphere

langchain-core is a Building applications with LLMs through composability

Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere in the ImagePromptTemplate in image.py, which can be instantiated with input variables that can contains paths exposing files from the underlying filesystem. The output of the prompt template may be exposed to the model and subsequently the unauthorized user.

How to fix Exposure of Sensitive System Information to an Unauthorized Control Sphere?

Upgrade langchain-core to version 0.1.53, 0.2.43, 0.3.15 or higher.

[,0.1.53)[0.2.0rc1,0.2.43)[0.3.0.dev0,0.3.15)

Improper Restriction of XML External Entity Reference

langchain-core is a Building applications with LLMs through composability

Affected versions of this package are vulnerable to Improper Restriction of XML External Entity Reference due to the XMLOutputParser using the etree module from the XML parser in the standard python library, which is known to have vulnerabilities. This issue primarily affects users that combine an LLM (or agent) with the XMLOutputParser and expose the component via an endpoint on a web-service. A malicious party could attempt to manipulate the LLM to produce a malicious payload for the parser, compromising the availability of the service.

Note:

This is only exploitable if

XMLOutputParser is used
Malicious input is passed into the XMLOutputParser either directly or by trying to manipulate an LLM to do so on the user's behalf
The component is exposed via a web-service.

How to fix Improper Restriction of XML External Entity Reference?

Upgrade langchain-core to version 0.1.34 or higher.

[,0.1.34)

Path Traversal

langchain-core is a Building applications with LLMs through composability

Affected versions of this package are vulnerable to Path Traversal due to improper validation of user-supplied input in the load_chain call. An attacker can achieve remote code execution or disclose sensitive information by manipulating the path parameter to traverse directories and load configurations or execute code not intended by the application.

Notes:

This is only exploitable if the attacker can control the final part of the path parameter.
llm_bash_chain is an experimental feature.

How to fix Path Traversal?

Upgrade langchain-core to version 0.1.31 or higher.

[,0.1.31)

langchain-core@0.1.12rc1 vulnerabilities

Building applications with LLMs through composability

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

How to fix?