CVE-2024-0243 - OpenCVE

With the following crawler configuration: ```python from bs4 import BeautifulSoup as Soup url = "https://example.com" loader = RecursiveUrlLoader( url=url, max_depth=2, extractor=lambda x: Soup(x, "html.parser").text ) docs = loader.load() ``` An attacker in control of the contents of `https://example.com` could place a malicious HTML file in there with links like "https://example.completely.different/my_file.html" and the crawler would proceed to download that file as well even though `prevent_outside=True`. https://github.com/langchain-ai/langchain/blob/bf0b3cc0b5ade1fb95a5b1b6fa260e99064c2e22/libs/community/langchain_community/document_loaders/recursive_url_loader.py#L51-L51 Resolved in https://github.com/langchain-ai/langchain/pull/15559

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://github.com/langchain-ai/langchain/commit/bf0b3cc0b5ade1fb95a5b1b6fa260e99064c2e22
https://github.com/langchain-ai/langchain/pull/15559
https://huntr.com/bounties/370904e7-10ac-40a4-a8d4-e2d16e1ca861

History

No history.

MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published: 2024-02-24T17:59:26.498Z

Updated: 2024-08-01T17:41:16.443Z

Reserved: 2024-01-04T21:47:13.281Z

Link: CVE-2024-0243

Vulnrichment

Updated: 2024-08-01T17:41:16.443Z

NVD

Status : Awaiting Analysis

Published: 2024-02-26T16:27:49.670

Modified: 2024-03-13T21:15:55.173

Link: CVE-2024-0243

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-0243", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2024-01-04T21:47:13.281Z", "datePublished": "2024-02-24T17:59:26.498Z", "dateUpdated": "2024-08-01T17:41:16.443Z"}, "containers": {"cna": {"title": "Server-side Request Forgery In Recursive URL Loader", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-02-24T17:59:26.498Z"}, "descriptions": [{"lang": "en", "value": "With the following crawler configuration:\n\n```python\nfrom bs4 import BeautifulSoup as Soup\n\nurl = \"https://example.com\"\nloader = RecursiveUrlLoader(\n url=url, max_depth=2, extractor=lambda x: Soup(x, \"html.parser\").text\n)\ndocs = loader.load()\n```\n\nAn attacker in control of the contents of `https://example.com` could place a malicious HTML file in there with links like \"https://example.completely.different/my_file.html\" and the crawler would proceed to download that file as well even though `prevent_outside=True`.\n\nhttps://github.com/langchain-ai/langchain/blob/bf0b3cc0b5ade1fb95a5b1b6fa260e99064c2e22/libs/community/langchain_community/document_loaders/recursive_url_loader.py#L51-L51\n\nResolved in https://github.com/langchain-ai/langchain/pull/15559"}], "affected": [{"vendor": "langchain-ai", "product": "langchain-ai/langchain", "versions": [{"version": "unspecified", "lessThan": "0.1.0", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/370904e7-10ac-40a4-a8d4-e2d16e1ca861"}, {"url": "https://github.com/langchain-ai/langchain/commit/bf0b3cc0b5ade1fb95a5b1b6fa260e99064c2e22"}, {"url": "https://github.com/langchain-ai/langchain/pull/15559"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N", "baseScore": 3.7, "baseSeverity": "LOW"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-918 Server-Side Request Forgery (SSRF)", "cweId": "CWE-918"}]}], "source": {"advisory": "370904e7-10ac-40a4-a8d4-e2d16e1ca861", "discovery": "EXTERNAL"}}, "adp": [{"affected": [{"vendor": "langchain-ai", "product": "langchain-ai\\/langchain", "cpes": ["cpe:2.3:a:langchain-ai:langchain-ai\\/langchain:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "0.1.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-02-26T18:43:11.371044Z", "id": "CVE-2024-0243", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-25T17:35:21.655Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T17:41:16.443Z"}, "title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/370904e7-10ac-40a4-a8d4-e2d16e1ca861", "tags": ["x_transferred"]}, {"url": "https://github.com/langchain-ai/langchain/commit/bf0b3cc0b5ade1fb95a5b1b6fa260e99064c2e22", "tags": ["x_transferred"]}, {"url": "https://github.com/langchain-ai/langchain/pull/15559", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/370904e7-10ac-40a4-a8d4-e2d16e1ca861", "tags": ["x_transferred"]}, {"url": "https://github.com/langchain-ai/langchain/commit/bf0b3cc0b5ade1fb95a5b1b6fa260e99064c2e22", "tags": ["x_transferred"]}, {"url": "https://github.com/langchain-ai/langchain/pull/15559", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T17:41:16.443Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-0243", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-26T18:43:11.371044Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:langchain-ai:langchain-ai\\/langchain:*:*:*:*:*:*:*:*"], "vendor": "langchain-ai", "product": "langchain-ai\\/langchain", "versions": [{"status": "affected", "version": "0", "lessThan": "0.1.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-25T17:34:41.715Z"}}], "cna": {"title": "Server-side Request Forgery In Recursive URL Loader", "source": {"advisory": "370904e7-10ac-40a4-a8d4-e2d16e1ca861", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "CHANGED", "version": "3.0", "baseScore": 3.7, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "langchain-ai", "product": "langchain-ai/langchain", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "0.1.0", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/370904e7-10ac-40a4-a8d4-e2d16e1ca861"}, {"url": "https://github.com/langchain-ai/langchain/commit/bf0b3cc0b5ade1fb95a5b1b6fa260e99064c2e22"}, {"url": "https://github.com/langchain-ai/langchain/pull/15559"}], "descriptions": [{"lang": "en", "value": "With the following crawler configuration:\n\n```python\nfrom bs4 import BeautifulSoup as Soup\n\nurl = \"https://example.com\"\nloader = RecursiveUrlLoader(\n url=url, max_depth=2, extractor=lambda x: Soup(x, \"html.parser\").text\n)\ndocs = loader.load()\n```\n\nAn attacker in control of the contents of `https://example.com` could place a malicious HTML file in there with links like \"https://example.completely.different/my_file.html\" and the crawler would proceed to download that file as well even though `prevent_outside=True`.\n\nhttps://github.com/langchain-ai/langchain/blob/bf0b3cc0b5ade1fb95a5b1b6fa260e99064c2e22/libs/community/langchain_community/document_loaders/recursive_url_loader.py#L51-L51\n\nResolved in https://github.com/langchain-ai/langchain/pull/15559"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-02-24T17:59:26.498Z"}}}, "cveMetadata": {"cveId": "CVE-2024-0243", "state": "PUBLISHED", "dateUpdated": "2024-08-01T17:41:16.443Z", "dateReserved": "2024-01-04T21:47:13.281Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2024-02-24T17:59:26.498Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "With the following crawler configuration:\n\n```python\nfrom bs4 import BeautifulSoup as Soup\n\nurl = \"https://example.com\"\nloader = RecursiveUrlLoader(\n url=url, max_depth=2, extractor=lambda x: Soup(x, \"html.parser\").text\n)\ndocs = loader.load()\n```\n\nAn attacker in control of the contents of `https://example.com` could place a malicious HTML file in there with links like \"https://example.completely.different/my_file.html\" and the crawler would proceed to download that file as well even though `prevent_outside=True`.\n\nhttps://github.com/langchain-ai/langchain/blob/bf0b3cc0b5ade1fb95a5b1b6fa260e99064c2e22/libs/community/langchain_community/document_loaders/recursive_url_loader.py#L51-L51\n\nResolved in https://github.com/langchain-ai/langchain/pull/15559"}, {"lang": "es", "value": "Con la siguiente configuraci\u00f3n del rastreador: ```python de bs4 import BeautifulSoup as Soup url = \"https://example.com\" loader = RecursiveUrlLoader( url=url, max_ Depth=2, extractor=lambda x: Soup(x, \"html .parser\").text ) docs = loader.load() ``` Un atacante que controle el contenido de `https://example.com` podr\u00eda colocar un archivo HTML malicioso all\u00ed con enlaces como \"https:/example.completely.different/my_file.html\" y el rastreador proceder\u00eda a descargar ese archivo tambi\u00e9n aunque `prevent_outside=True`. https://github.com/langchain-ai/langchain/blob/bf0b3cc0b5ade1fb95a5b1b6fa260e99064c2e22/libs/community/langchain_community/document_loaders/recursive_url_loader.py#L51-L51 Resuelto en https://github.com/langchain-ai/langchain/pull /15559"}], "id": "CVE-2024-0243", "lastModified": "2024-03-13T21:15:55.173", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 0.6, "impactScore": 2.7, "source": "security@huntr.dev", "type": "Secondary"}]}, "published": "2024-02-26T16:27:49.670", "references": [{"source": "security@huntr.dev", "url": "https://github.com/langchain-ai/langchain/commit/bf0b3cc0b5ade1fb95a5b1b6fa260e99064c2e22"}, {"source": "security@huntr.dev", "url": "https://github.com/langchain-ai/langchain/pull/15559"}, {"source": "security@huntr.dev", "url": "https://huntr.com/bounties/370904e7-10ac-40a4-a8d4-e2d16e1ca861"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security@huntr.dev", "type": "Primary"}]}