CVE-2023-36095

9.8 CRITICAL

📋 TL;DR

This vulnerability in LangChain version 0.0.194 allows remote code execution through unsafe Python exec() calls in PALChain functions. Attackers can execute arbitrary code on systems running vulnerable LangChain instances. Anyone using the affected LangChain version with PALChain functionality is at risk.

💻 Affected Systems

Products:
  • Harrison Chase LangChain
Versions: Version 0.0.194 specifically
Operating Systems: All operating systems running Python
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using PALChain functionality with from_math_prompt or from_colored_object_prompt methods.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise allowing attacker to execute arbitrary commands, steal data, install malware, or pivot to other systems.

🟠

Likely Case

Remote code execution leading to data exfiltration, system manipulation, or service disruption.

🟢

If Mitigated

Limited impact if proper input validation and sandboxing are implemented, though risk remains elevated.

🌐 Internet-Facing: HIGH - Directly exploitable if vulnerable endpoints are exposed to the internet.
🏢 Internal Only: HIGH - Even internal systems can be compromised through malicious inputs or insider threats.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending malicious input to vulnerable PALChain endpoints. The vulnerability is well-documented in public GitHub issues.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 0.0.195 and later

Vendor Advisory: https://github.com/langchain-ai/langchain/issues/5872

Restart Required: Yes

Instructions:

1. Update LangChain using pip (quote the requirement so the shell does not treat > as a redirect): pip install --upgrade "langchain>=0.0.195"
2. Restart all services using LangChain
3. Verify the update with: pip show langchain

🔧 Temporary Workarounds

Disable PALChain functionality

all

Temporarily disable or remove PALChain usage until patching is complete

# Remove or comment out PALChain imports and usage in your code

Input validation wrapper

all

Implement strict input validation for all PALChain inputs

# Add input sanitization before passing to PALChain methods

🧯 If You Can't Patch

  • Implement strict input validation and sanitization for all PALChain inputs
  • Run LangChain in isolated containers or sandboxes with minimal privileges

🔍 How to Verify

Check if Vulnerable:

Check LangChain version: pip show langchain | grep Version. If version is 0.0.194, you are vulnerable.

Check Version:

pip show langchain | grep Version

Verify Fix Applied:

After updating, verify version is 0.0.195 or higher: pip show langchain | grep Version
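
The version check above, combined with the note that only code using PALChain's from_math_prompt or from_colored_object_prompt methods is affected, as an added Python example (not part of the original advisory and not LangChain's own code). The helper names and the SAMPLE_APP source are constructed for illustration.

```python
import ast
from importlib import metadata

AFFECTED_VERSION = "0.0.194"  # version named in the advisory
AFFECTED_METHODS = {"from_math_prompt", "from_colored_object_prompt"}

def installed_langchain_version():
    """Return the installed langchain version string, or None if not installed."""
    try:
        return metadata.version("langchain")
    except metadata.PackageNotFoundError:
        return None

def find_palchain_usage(source, filename="<string>"):
    """Return sorted (line, description) pairs for PALChain imports and affected calls."""
    findings = []
    for node in ast.walk(ast.parse(source, filename=filename)):
        if isinstance(node, ast.ImportFrom):
            for alias in node.names:
                if alias.name == "PALChain":
                    findings.append((node.lineno, f"import PALChain from {node.module}"))
        elif isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
            if node.func.attr in AFFECTED_METHODS:
                findings.append((node.lineno, f"call to {node.func.attr}()"))
    return sorted(findings)

def is_exposed(version, findings):
    """Exposed per the advisory: version 0.0.194 and an affected PALChain method in use."""
    return version == AFFECTED_VERSION and any(d.startswith("call") for _, d in findings)

# Constructed sample application source, for illustration only.
SAMPLE_APP = '''\
from langchain.chains import PALChain
from langchain.llms import OpenAI

llm = OpenAI(temperature=0)
chain = PALChain.from_math_prompt(llm, verbose=True)
'''

if __name__ == "__main__":
    hits = find_palchain_usage(SAMPLE_APP, "sample_app.py")
    for line, what in hits:
        print(f"sample_app.py:{line}: {what}")
    version = installed_langchain_version()
    print("installed langchain:", version)
    print("exposed:", is_exposed(version, hits))
```

To audit a real code base, call find_palchain_usage on the text of each .py file and review every reported line before and after upgrading.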

📡 Detection & Monitoring

Log Indicators:

  • Unusual Python exec() calls
  • Suspicious PALChain method invocations
  • Unexpected process spawns from LangChain

Network Indicators:

  • Unusual outbound connections from LangChain processes
  • Large data transfers following PALChain requests

SIEM Query:

process.name:python AND process.cmdline:*langchain* AND process.cmdline:*exec*
