CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7774 – Path Traversal in langchain-ai/langchainjs
https://notcve.org/view.php?id=CVE-2024-7774
29 Oct 2024 — A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langchainjs version 0.2.5. This vulnerability allows attackers to save files anywhere in the filesystem, overwrite existing text files, read `.txt` files, and delete files. The vulnerability is exploited through the `setFileContent`, `getParsedFile`, and `mdelete` methods, which do not properly sanitize user input. • https://github.com/langchain-ai/langchainjs/commit/a0fad77d6b569e5872bd4a9d33be0c0785e538a9 • CWE-29: Path Traversal: '\..\filename' •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1455 – Billion Laughs Attack leading to DoS in langchain-ai/langchain
https://notcve.org/view.php?id=CVE-2024-1455
26 Mar 2024 — A vulnerability in the langchain-ai/langchain repository allows for a Billion Laughs Attack, a type of XML External Entity (XXE) exploitation. By nesting multiple layers of entities within an XML document, an attacker can cause the XML parser to consume excessive CPU and memory resources, leading to a denial of service (DoS). XMLOutputParser en LangChain utiliza el módulo etree del analizador XML en la biblioteca estándar de Python que tiene algunas vulnerabilidades XML; consulte: https://docs.python.org/3/... • https://github.com/langchain-ai/langchain/commit/727d5023ce88e18e3074ef620a98137d26ff92a3 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0243 – Server-side Request Forgery In Recursive URL Loader
https://notcve.org/view.php?id=CVE-2024-0243
24 Feb 2024 — With the following crawler configuration: ```python from bs4 import BeautifulSoup as Soup url = "https://example.com" loader = RecursiveUrlLoader( url=url, max_depth=2, extractor=lambda x: Soup(x, "html.parser").text ) docs = loader.load() ``` An attacker in control of the contents of `https://example.com` could place a malicious HTML file in there with links like "https://example.completely.different/my_file.html" and the crawler would proceed to download that file as well even though `prevent_outside=True... • https://github.com/langchain-ai/langchain/commit/bf0b3cc0b5ade1fb95a5b1b6fa260e99064c2e22 • CWE-918: Server-Side Request Forgery (SSRF) •