PYSEC-2024-115
Vulnerability from pysec - Published: 2024-11-05 16:04 - Updated: 2024-11-12 19:19
VLAI?
Details
A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain-community version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in multi-tenant security environments, and data integrity issues. Attackers can create, update, or delete nodes and relationships without proper authorization, extract sensitive data, disrupt services, access data across different tenants, and compromise the integrity of the database.
Severity ?
9.8 (Critical)
Impacted products
| Name | purl | langchain | pkg:pypi/langchain | langchain-community | pkg:pypi/langchain-community |
|---|
Aliases
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "langchain",
"purl": "pkg:pypi/langchain"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "c2a3021bb0c5f54649d380b42a0684ca5778c255"
}
],
"repo": "https://github.com/langchain-ai/langchain",
"type": "GIT"
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.0.1",
"0.0.10",
"0.0.100",
"0.0.101",
"0.0.101rc0",
"0.0.102",
"0.0.102rc0",
"0.0.103",
"0.0.104",
"0.0.105",
"0.0.106",
"0.0.107",
"0.0.108",
"0.0.109",
"0.0.11",
"0.0.110",
"0.0.111",
"0.0.112",
"0.0.113",
"0.0.114",
"0.0.115",
"0.0.116",
"0.0.117",
"0.0.118",
"0.0.119",
"0.0.12",
"0.0.120",
"0.0.121",
"0.0.122",
"0.0.123",
"0.0.124",
"0.0.125",
"0.0.126",
"0.0.127",
"0.0.128",
"0.0.129",
"0.0.13",
"0.0.130",
"0.0.131",
"0.0.132",
"0.0.133",
"0.0.134",
"0.0.135",
"0.0.136",
"0.0.137",
"0.0.138",
"0.0.139",
"0.0.14",
"0.0.140",
"0.0.141",
"0.0.142",
"0.0.143",
"0.0.144",
"0.0.145",
"0.0.146",
"0.0.147",
"0.0.148",
"0.0.149",
"0.0.15",
"0.0.150",
"0.0.151",
"0.0.152",
"0.0.153",
"0.0.154",
"0.0.155",
"0.0.156",
"0.0.157",
"0.0.158",
"0.0.159",
"0.0.16",
"0.0.160",
"0.0.161",
"0.0.162",
"0.0.163",
"0.0.164",
"0.0.165",
"0.0.166",
"0.0.167",
"0.0.168",
"0.0.169",
"0.0.17",
"0.0.170",
"0.0.171",
"0.0.172",
"0.0.173",
"0.0.174",
"0.0.175",
"0.0.176",
"0.0.177",
"0.0.178",
"0.0.179",
"0.0.18",
"0.0.180",
"0.0.181",
"0.0.182",
"0.0.183",
"0.0.184",
"0.0.185",
"0.0.186",
"0.0.187",
"0.0.188",
"0.0.189",
"0.0.19",
"0.0.190",
"0.0.191",
"0.0.192",
"0.0.193",
"0.0.194",
"0.0.195",
"0.0.196",
"0.0.197",
"0.0.198",
"0.0.199",
"0.0.2",
"0.0.20",
"0.0.200",
"0.0.201",
"0.0.202",
"0.0.203",
"0.0.204",
"0.0.205",
"0.0.206",
"0.0.207",
"0.0.208",
"0.0.209",
"0.0.21",
"0.0.210",
"0.0.211",
"0.0.212",
"0.0.213",
"0.0.214",
"0.0.215",
"0.0.216",
"0.0.217",
"0.0.218",
"0.0.219",
"0.0.22",
"0.0.220",
"0.0.221",
"0.0.222",
"0.0.223",
"0.0.224",
"0.0.225",
"0.0.226",
"0.0.227",
"0.0.228",
"0.0.229",
"0.0.23",
"0.0.230",
"0.0.231",
"0.0.232",
"0.0.233",
"0.0.234",
"0.0.235",
"0.0.236",
"0.0.237",
"0.0.238",
"0.0.239",
"0.0.24",
"0.0.240",
"0.0.240rc0",
"0.0.240rc1",
"0.0.240rc4",
"0.0.242",
"0.0.243",
"0.0.244",
"0.0.245",
"0.0.246",
"0.0.247",
"0.0.248",
"0.0.249",
"0.0.25",
"0.0.250",
"0.0.251",
"0.0.252",
"0.0.253",
"0.0.254",
"0.0.255",
"0.0.256",
"0.0.257",
"0.0.258",
"0.0.259",
"0.0.26",
"0.0.260",
"0.0.261",
"0.0.262",
"0.0.263",
"0.0.264",
"0.0.265",
"0.0.266",
"0.0.267",
"0.0.268",
"0.0.269",
"0.0.27",
"0.0.270",
"0.0.271",
"0.0.272",
"0.0.273",
"0.0.274",
"0.0.275",
"0.0.276",
"0.0.277",
"0.0.278",
"0.0.279",
"0.0.28",
"0.0.281",
"0.0.283",
"0.0.284",
"0.0.285",
"0.0.286",
"0.0.287",
"0.0.288",
"0.0.289",
"0.0.29",
"0.0.290",
"0.0.291",
"0.0.292",
"0.0.293",
"0.0.294",
"0.0.295",
"0.0.296",
"0.0.297",
"0.0.298",
"0.0.299",
"0.0.3",
"0.0.30",
"0.0.300",
"0.0.301",
"0.0.302",
"0.0.303",
"0.0.304",
"0.0.305",
"0.0.306",
"0.0.307",
"0.0.308",
"0.0.309",
"0.0.31",
"0.0.310",
"0.0.311",
"0.0.312",
"0.0.313",
"0.0.314",
"0.0.315",
"0.0.316",
"0.0.317",
"0.0.318",
"0.0.319",
"0.0.32",
"0.0.320",
"0.0.321",
"0.0.322",
"0.0.323",
"0.0.324",
"0.0.325",
"0.0.326",
"0.0.327",
"0.0.329",
"0.0.33",
"0.0.330",
"0.0.331",
"0.0.331rc0",
"0.0.331rc1",
"0.0.331rc2",
"0.0.331rc3",
"0.0.332",
"0.0.333",
"0.0.334",
"0.0.335",
"0.0.336",
"0.0.337",
"0.0.338",
"0.0.339",
"0.0.339rc0",
"0.0.339rc1",
"0.0.339rc2",
"0.0.339rc3",
"0.0.34",
"0.0.340",
"0.0.341",
"0.0.342",
"0.0.343",
"0.0.344",
"0.0.345",
"0.0.346",
"0.0.347",
"0.0.348",
"0.0.349",
"0.0.349rc1",
"0.0.349rc2",
"0.0.35",
"0.0.350",
"0.0.351",
"0.0.352",
"0.0.353",
"0.0.354",
"0.0.36",
"0.0.37",
"0.0.38",
"0.0.39",
"0.0.4",
"0.0.40",
"0.0.41",
"0.0.42",
"0.0.43",
"0.0.44",
"0.0.45",
"0.0.46",
"0.0.47",
"0.0.48",
"0.0.49",
"0.0.5",
"0.0.50",
"0.0.51",
"0.0.52",
"0.0.53",
"0.0.54",
"0.0.55",
"0.0.56",
"0.0.57",
"0.0.58",
"0.0.59",
"0.0.6",
"0.0.60",
"0.0.61",
"0.0.63",
"0.0.64",
"0.0.65",
"0.0.66",
"0.0.67",
"0.0.68",
"0.0.69",
"0.0.7",
"0.0.70",
"0.0.71",
"0.0.72",
"0.0.73",
"0.0.74",
"0.0.75",
"0.0.76",
"0.0.77",
"0.0.78",
"0.0.79",
"0.0.8",
"0.0.80",
"0.0.81",
"0.0.82",
"0.0.83",
"0.0.84",
"0.0.85",
"0.0.86",
"0.0.87",
"0.0.88",
"0.0.89",
"0.0.9",
"0.0.90",
"0.0.91",
"0.0.92",
"0.0.93",
"0.0.94",
"0.0.95",
"0.0.96",
"0.0.97",
"0.0.98",
"0.0.99",
"0.0.99rc0",
"0.1.0",
"0.1.1",
"0.1.10",
"0.1.11",
"0.1.12",
"0.1.13",
"0.1.14",
"0.1.15",
"0.1.16",
"0.1.17",
"0.1.17rc1",
"0.1.19",
"0.1.2",
"0.1.20",
"0.1.3",
"0.1.4",
"0.1.5",
"0.1.6",
"0.1.7",
"0.1.8",
"0.1.9",
"0.2.0rc1",
"0.2.0rc2"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "langchain-community",
"purl": "pkg:pypi/langchain-community"
},
"ranges": [
{
"events": [
{
"introduced": "0.2.0"
},
{
"fixed": "0.3.0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.2.0",
"0.2.1",
"0.2.2",
"0.2.3",
"0.2.4",
"0.2.5",
"0.2.6",
"0.2.7",
"0.2.9",
"0.2.10",
"0.2.11",
"0.2.12",
"0.2.13",
"0.2.15",
"0.2.16",
"0.2.17",
"0.2.18",
"0.2.14",
"0.3.0.dev1",
"0.3.0.dev2",
"0.2.19"
]
}
],
"aliases": [
"CVE-2024-8309"
],
"details": "A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain-community version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in multi-tenant security environments, and data integrity issues. Attackers can create, update, or delete nodes and relationships without proper authorization, extract sensitive data, disrupt services, access data across different tenants, and compromise the integrity of the database.",
"id": "PYSEC-2024-115",
"modified": "2024-11-12T19:19:57.535206Z",
"published": "2024-11-05T16:04:14Z",
"references": [
{
"type": "EVIDENCE",
"url": "https://huntr.com/bounties/8f4ad910-7fdc-4089-8f0a-b5df5f32e7c5"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/8f4ad910-7fdc-4089-8f0a-b5df5f32e7c5"
},
{
"type": "FIX",
"url": "https://github.com/langchain-ai/langchain/commit/c2a3021bb0c5f54649d380b42a0684ca5778c255"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…