CVE-2023-29374
Prompt Injection vulnerability in langchain (PyPI)
What is CVE-2023-29374 About?
This vulnerability in LangChain through 0.0.131 allows for prompt injection attacks that enable arbitrary code execution. An attacker can inject malicious input into the `LLMMathChain` to execute arbitrary Python code via the `exec()` method. This makes the vulnerability highly critical and relatively easy to exploit by manipulating prompts.
Affected Software
- langchain
- <=0.0.131
- <0.0.132
Technical Details
The vulnerability resides in the LLMMathChain component of LangChain through version 0.0.131. Specifically, this chain allows attackers to perform prompt injection attacks. By crafting a malicious prompt, an attacker can manipulate the input that is subsequently passed to the Python exec() method within LLMMathChain. This directly enables arbitrary code execution, as the exec() function can run arbitrary Python statements provided by the attacker, leading to full compromise of the underlying system where LangChain is running.
What is the Impact of CVE-2023-29374?
Successful exploitation may allow attackers to execute arbitrary code, leading to full system compromise, data theft, or denial of service.
What is the Exploitability of CVE-2023-29374?
Exploiting this vulnerability involves crafting a malicious prompt that leverages the LLMMathChain's use of exec(). The complexity is low to moderate, depending on the sanitization and context of the prompt input. No authentication is typically required for prompt injection if the user-controlled input directly feeds into the vulnerable chain. The attack is remote, as it relies on interacting with the LangChain application. The primary risk factor is any scenario where unauthenticated or untrusted user input can influence the LLMMathChain.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | ||
What are the Available Fixes for CVE-2023-29374?
Available Upgrade Options
- langchain
- <0.0.132 → Upgrade to 0.0.132
Struggling with dependency upgrades?
See how Resolved Security's drop-in replacements make it simple.
Book a demoAdditional Resources
- https://twitter.com/rharang/status/1641899743608463365/photo/1
- https://github.com/hwchase17/langchain/pull/1119
- https://github.com/hwchase17/langchain/issues/1026
- https://osv.dev/vulnerability/PYSEC-2023-18
- https://github.com/hwchase17/langchain/issues/1026
- https://github.com/hwchase17/langchain/issues/1026
- https://github.com/langchain-ai/langchain
- https://github.com/hwchase17/langchain/issues/814
- https://github.com/hwchase17/langchain/issues/814
- https://nvd.nist.gov/vuln/detail/CVE-2023-29374
What are Similar Vulnerabilities to CVE-2023-29374?
Similar Vulnerabilities: CVE-2023-38604 , CVE-2023-27367 , CVE-2023-40292 , CVE-2023-49033 , CVE-2023-49032
