CVE-2024-1455

Billion Laughs Attack leading to DoS in langchain-ai/langchain

Severity Score

5.9

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

A vulnerability in the langchain-ai/langchain repository allows for a Billion Laughs Attack, a type of XML External Entity (XXE) exploitation. By nesting multiple layers of entities within an XML document, an attacker can cause the XML parser to consume excessive CPU and memory resources, leading to a denial of service (DoS).

XMLOutputParser en LangChain utiliza el módulo etree del analizador XML en la biblioteca estándar de Python que tiene algunas vulnerabilidades XML; consulte: https://docs.python.org/3/library/xml.html Esto afecta principalmente a los usuarios que combinan un LLM (o agente) con `XMLOutputParser` y exponen el componente a través de un endpoint en un servicio web. Esto permitiría que una parte malintencionada intentara manipular el LLM para producir un payload malicioso para el analizador que comprometería la disponibilidad del servicio. Un ataque exitoso se basa en: 1. Uso de XMLOutputParser 2. Pasar entradas maliciosas al XMLOutputParser, ya sea directamente o intentando manipular un LLM para que lo haga en nombre del usuario 3. Exponer el componente a través de un servicio web

*Credits: N/A

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

Poc

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-12 CVE Reserved
2024-03-26 CVE Published
2024-03-27 EPSS Updated
2024-08-15 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

CAPEC

References (2)

URL	Tag	Source
https://github.com/langchain-ai/langchain/commit/727d5023ce88e18e3074ef620a98137d26ff92a3
https://huntr.com/bounties/4353571f-c70d-4bfd-ac08-3a89cecb45b6

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Langchain-ai Search vendor "Langchain-ai"		Langchain-ai/langchain Search vendor "Langchain-ai" for product "Langchain-ai/langchain"				*		-		Affected