Medium

langchain

Infinite Recursion Leading to Denial-of-Service in Sitemap Parsing

A Denial-of-Service vulnerability exists in the `SitemapLoader` class of the langchain-ai/langchain project due to infinite recursion when parsing self-referential sitemaps. This issue affects all versions of the software and can lead to server resource exhaustion and process crashes. The vulnerability was identified in an environment running Ubuntu 20.04.6 LTS, Nginx/1.25.2, and Python 3.11.0.

Available publicly on May 12 2024

4.2

CVSS:

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Credit:

dxan29a
Threat Overview

The vulnerability stems from the parse_sitemap method's inability to detect and prevent parsing of a sitemap that refers to itself, leading to infinite recursion. This flaw can be exploited by an attacker by crafting a sitemap that includes a URL pointing to its own location. When the SitemapLoader attempts to parse this sitemap, it enters an infinite loop, consuming server resources and eventually crashing the Python process due to reaching the maximum recursion depth.

Attack Scenario

An attacker crafts a malicious sitemap (infinite-loop.xml) containing a URL that points to the sitemap itself. The attacker then hosts this sitemap on a server and triggers the vulnerable application to parse this sitemap by making a request to the application's endpoint that initiates sitemap loading. The application's attempt to parse the malicious sitemap results in infinite recursion, leading to resource exhaustion and a Denial-of-Service condition.

Who is affected

All users of the langchain-ai/langchain project who utilize the SitemapLoader class for parsing sitemaps are affected by this vulnerability. This includes applications that automatically parse sitemaps from untrusted sources.

Technical Report
Want more out of Sightline?

Sightline offers even more for premium customers

Go Premium

We have 564 related security advisories that are available with Sightline Premium.