@langchain/core 1.1.6 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the @langchain/core package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Server-side Request Forgery (SSRF) @langchain/core is a Core LangChain.js abstractions and schemas Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the `RecursiveUrlLoader` class. An attacker can access internal or sensitive resources by influencing crawled page content to include links that bypass origin and IP address validation, causing the process to fetch attacker-controlled or internal URLs. Note: This is only exploitable if the process runs in an environment with access to internal networks or cloud metadata services. How to fix Server-side Request Forgery (SSRF)? Upgrade `@langchain/core` to version 1.1.14 or higher.	<1.1.14
C Deserialization of Untrusted Data @langchain/core is a Core LangChain.js abstractions and schemas Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the `toJSON` function, which fails to properly escape user-controlled objects containing the `lc` key during serialization. An attacker can extract sensitive environment variable values or instantiate arbitrary classes with attacker-controlled parameters by injecting specially crafted structures into fields such as `additional_kwargs` and `response_metadata` that are later deserialized. Note: This is only exploitable if untrusted data is serialized and then deserialized using the affected process, or if untrusted data is directly deserialized with the relevant method and the `secretsFromEnv` option is enabled. How to fix Deserialization of Untrusted Data? Upgrade `@langchain/core` to version 0.3.80, 1.1.8 or higher.	<0.3.80>=1.0.0-alpha.1 <1.1.8

Vulnerability

Vulnerable Version

Server-side Request Forgery (SSRF)

@langchain/core is a Core LangChain.js abstractions and schemas

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the RecursiveUrlLoader class. An attacker can access internal or sensitive resources by influencing crawled page content to include links that bypass origin and IP address validation, causing the process to fetch attacker-controlled or internal URLs.

Note: This is only exploitable if the process runs in an environment with access to internal networks or cloud metadata services.

How to fix Server-side Request Forgery (SSRF)?

Upgrade @langchain/core to version 1.1.14 or higher.

<1.1.14

Deserialization of Untrusted Data

@langchain/core is a Core LangChain.js abstractions and schemas

Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the toJSON function, which fails to properly escape user-controlled objects containing the lc key during serialization. An attacker can extract sensitive environment variable values or instantiate arbitrary classes with attacker-controlled parameters by injecting specially crafted structures into fields such as additional_kwargs and response_metadata that are later deserialized.

Note: This is only exploitable if untrusted data is serialized and then deserialized using the affected process, or if untrusted data is directly deserialized with the relevant method and the secretsFromEnv option is enabled.

How to fix Deserialization of Untrusted Data?

Upgrade @langchain/core to version 0.3.80, 1.1.8 or higher.

<0.3.80>=1.0.0-alpha.1 <1.1.8

@langchain/core@1.1.6 vulnerabilities

Core LangChain.js abstractions and schemas

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically