Skip to main content

Langchain CVE-2023-46229

HIGH
Server-Side Request Forgery (SSRF) (CWE-918)
2023-10-19 cve@mitre.org
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Oct 19, 2023 - 05:15 nvd
HIGH 8.8

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 1 pypi packages depend on langchain (1 direct, 0 indirect)

Ecosystem-wide dependent count for version 0.0.317.

DescriptionNVD

LangChain before 0.0.317 allows SSRF via document_loaders/recursive_url_loader.py because crawling can proceed from an external server to an internal server.

AnalysisAI

LangChain before 0.0.317 allows SSRF via document_loaders/recursive_url_loader.py because crawling can proceed from an external server to an internal server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

Technical ContextAI

This vulnerability is classified as Server-Side Request Forgery (SSRF) (CWE-918), which allows attackers to make the server perform requests to unintended internal or external resources. LangChain before 0.0.317 allows SSRF via document_loaders/recursive_url_loader.py because crawling can proceed from an external server to an internal server. Affected products include: Langchain. Version information: before 0.0.317.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Validate and allowlist destination URLs, block requests to internal networks, use network segmentation.

CVE-2026-27966 CRITICAL POC
9.8 Feb 26

Code injection in Langflow CSV Agent node before 1.8.0. The node hardcodes allow_dangerous_code=True, enabling arbitrary

CVE-2023-36095 CRITICAL POC
9.8 Aug 05

An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in

CVE-2025-2828 CRITICAL POC
10.0 Jun 23

A remote code execution vulnerability in langchain-ai/langchain (CVSS 10.0). Risk factors: public PoC available. Vendor

CVE-2024-8309 CRITICAL POC
9.8 Oct 29

A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through

CVE-2024-7042 CRITICAL POC
9.8 Oct 29

A vulnerability in the GraphCypherQAChain class of langchain-ai/langchainjs versions 0.2.5 and all versions with this cl

CVE-2024-2057 CRITICAL POC
9.8 Mar 01

A vulnerability was found in LangChain langchain_community 0.0.26. Rated critical severity (CVSS 9.8), this vulnerabilit

CVE-2023-39631 CRITICAL POC
9.8 Sep 01

An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function

CVE-2023-36281 CRITICAL POC
9.8 Aug 22

An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via a JSON file to load_prompt. Rated

CVE-2023-39659 CRITICAL POC
9.8 Aug 15

An issue in langchain langchain-ai v.0.0.232 and before allows a remote attacker to execute arbitrary code via a crafted

CVE-2023-38896 CRITICAL POC
9.8 Aug 15

An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the fro

CVE-2023-38860 CRITICAL POC
9.8 Aug 15

An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter. Rated criti

CVE-2023-36188 CRITICAL POC
9.8 Jul 06

An issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Pyth

Share

CVE-2023-46229 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy