CVE-2023-44467
published 2023-10-09


Priority: P2 (77)
Severity: critical, 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ITW: VulnCheck KEV (exploited in the wild)
EPSS: 0.94% (56.5th percentile)
langchain_experimental (aka LangChain Experimental) in LangChain before 0.0.306 allows an attacker to bypass the CVE-2023-36258 fix and execute arbitrary code via __import__ in Python code, which is not prohibited by pal_chain/base.py.

Affected

6 ranges

Vendor    | Product                | Version range                                     | Fixed in
langchain | langchain-experimental | < 0.1.8                                           | 0.1.8
langchain | langchain-experimental | >= 0, < 0.0.52                                    | 0.0.52
langchain | langchain-experimental | >= 0, < 4c97a10bd0d9385cfee234a63b5bd826a295e483 | 4c97a10bd0d9385cfee234a63b5bd826a295e483 (git commit)
langchain | langchain-experimental | >= 0, < 0.0.15                                    | 0.0.15
langchain | langchain-experimental | 0 – 0.0.14                                        | n/a
langchain | langchain_experimental | n/a                                               | n/a

Detection & IOCs (extracted from sources)

  • Detect use of prohibited Python dunder attributes in PALChain-evaluated code: __import__, __subclasses__, __builtins__, __globals__, __getattribute__, __bases__, __mro__, or __base__
  • Monitor for prompt injection payloads targeting LangChain PALChain that attempt to inject executable Python code through user queries converted by the from_math_prompt() method in pal_chain/base.py
  • Flag or block traffic to/from langchain_experimental (LangChain Experimental) versions before 0.0.306 involving PALChain code evaluation endpoints, as these are vulnerable to prompt injection leading to arbitrary code execution
  • Use Next-Generation Firewall with Advanced Threat Prevention to identify and block command injection traffic associated with CVE-2023-44467 exploitation attempts against LangChain PALChain
  • The vulnerable code path is in pal_chain/base.py within the langchain_experimental package; the earlier fix (for CVE-2023-36258) was incomplete and bypassable via dunder attributes not included in the blocklist
  • CVE-2023-44467 affects only LangChain Experimental (langchain_experimental), a separate Python library from the core LangChain package, intended for research/experimental use

CVSS provenance

Source    | Version | Score | Severity | Vector
nvd       | v3.1    | 9.8   | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ghsa      |         | 9.8   | CRITICAL |
osv       |         | 9.8   | CRITICAL |
vulncheck |         | 9.8   | CRITICAL |