Platform
python
Component
langchain-community
Fixed version
0.0.28
A Server-Side Request Forgery (SSRF) vulnerability has been identified in the RequestsToolkit component of the langchain-community package, specifically within `langchain_community.agent_toolkits.openapi.toolkit.RequestsToolkit`. This flaw allows attackers to bypass restrictions on remote internet address requests, potentially granting access to local addresses and sensitive information. The vulnerability affects versions of langchain-community up to 0.0.9, and a fix is available in version 0.0.28.
The SSRF vulnerability in langchain-community allows an attacker to craft malicious requests that the application will execute on the server-side. This can lead to several serious consequences. Attackers could perform internal port scans to map the network infrastructure, potentially identifying vulnerable services. More critically, they can access local services that are not exposed to the public internet, such as internal APIs or databases. In cloud environments like AWS or Azure, the attacker could retrieve instance metadata, exposing sensitive information like API keys and credentials. This could facilitate further lateral movement and compromise of the entire system. The ability to interact with internal resources makes this a high-impact vulnerability.
This vulnerability was publicly disclosed on 2025-06-23. While no public exploits have been reported at the time of writing, the SSRF nature of the vulnerability and the ease of exploitation make it a potential target for automated scanning and exploitation. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept code is anticipated given the SSRF nature of the vulnerability.
Organizations deploying langchain-community in production environments, particularly those utilizing cloud-based infrastructure, are at significant risk. Applications that rely on langchain-community for interacting with external services or internal APIs are also vulnerable. Shared hosting environments where multiple users share the same server instance are particularly susceptible.
• python / server:

```python
import langchain
import requests
from importlib.metadata import version

# Check the installed langchain version
print(langchain.__version__)
# The affected package is langchain-community; its installed version is what matters for this CVE
print(version("langchain-community"))

# Attempt a request to a local address (e.g., 127.0.0.1:8080) to test SSRF
# This is a simplified example and may require adjustments based on the application's context
try:
    response = requests.get('http://127.0.0.1:8080', timeout=5)
    print(f'Request successful: {response.status_code}')
except requests.exceptions.RequestException as e:
    print(f'Request failed: {e}')
```
Exploit status
EPSS
0.05% (16th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-2828 is to immediately upgrade the langchain-community package to version 0.0.28 or later. This version includes a fix that restricts requests to remote internet addresses. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) or proxy to filter outbound requests and block those targeting internal IP addresses or sensitive endpoints. Additionally, review and restrict the permissions granted to the langchain application to minimize the potential impact of a successful SSRF attack. Carefully examine the RequestsToolkit configuration to ensure it adheres to the principle of least privilege.
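The interim mitigation above, filtering outbound requests so that they cannot reach internal or metadata addresses, can also be enforced in-process in front of whatever makes the HTTP call. The following is an added example written for this page, not code from langchain-community; the function names (`check_url`, `is_forbidden_ip`), the injectable `resolve` callback and the `FAKE_DNS` table are the example's own constructions. It rejects non-HTTP schemes and any URL whose host is, or resolves to, a loopback, private, link-local (which covers the 169.254.169.254 cloud metadata endpoint), multicast or otherwise non-global address, including IPv4-mapped IPv6 forms such as `::ffff:127.0.0.1`.

```python
"""Egress guard for outbound HTTP requests (added example, not langchain code).

check_url(url) returns (allowed, reason). Hostnames are resolved through an
injectable resolver so the guard can be unit-tested offline; the default
resolver uses socket.getaddrinfo.
"""
import ipaddress
import socket
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}


def _default_resolve(host):
    """Return every address the host resolves to (A and AAAA), as strings."""
    infos = socket.getaddrinfo(host, None)
    # Drop any IPv6 scope id ("fe80::1%eth0") so ipaddress can parse it.
    return sorted({info[4][0].split("%")[0] for info in infos})


def is_forbidden_ip(ip_str):
    """True if the address must not be contacted from server-side code."""
    ip = ipaddress.ip_address(ip_str)
    # Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d); older Pythons classify
    # these by their IPv6 form and would miss a mapped loopback address.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    # is_global is False for loopback (127/8, ::1), RFC 1918 and ULA ranges,
    # link-local (169.254/16, fe80::/10, so also the cloud metadata
    # endpoint), multicast, reserved and unspecified addresses.
    return not ip.is_global


def check_url(url, resolve=_default_resolve):
    """Decide whether a server-side fetch of `url` should be allowed."""
    parsed = urlparse(url)
    if parsed.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {parsed.scheme!r} not allowed"
    host = parsed.hostname  # brackets stripped for IPv6 literals
    if not host:
        return False, "no host in URL"
    try:
        # IP literals are checked directly; names go through the resolver.
        ipaddress.ip_address(host)
        addrs = [host]
    except ValueError:
        try:
            addrs = resolve(host)
        except (socket.gaierror, OSError) as exc:
            return False, f"cannot resolve {host!r}: {exc}"
    for addr in addrs:
        if is_forbidden_ip(addr):
            return False, f"{host!r} resolves to non-public address {addr}"
    return True, "ok"


# Constructed DNS table used for the offline demonstration below.
FAKE_DNS = {
    "public.example": ["93.184.216.34"],
    "internal.example": ["10.0.0.5"],
    "metadata": ["169.254.169.254"],
    "dual.example": ["93.184.216.34", "127.0.0.1"],  # one public, one loopback
}


def fake_resolve(host):
    """Resolver backed by FAKE_DNS; unknown names fail like a DNS miss."""
    if host not in FAKE_DNS:
        raise socket.gaierror(f"constructed resolver: no record for {host}")
    return FAKE_DNS[host]


if __name__ == "__main__":
    for u in ("https://public.example/api", "http://internal.example/",
              "http://metadata/latest/meta-data/", "http://127.0.0.1:8080",
              "http://[::ffff:127.0.0.1]/", "file:///etc/passwd",
              "http://dual.example/"):
        print(u, "->", check_url(u, fake_resolve))
```

Call `check_url` on every URL before handing it to the toolkit's request functions (or run the same logic in the egress proxy the mitigation describes). A URL that resolves to several addresses is refused if any one of them is non-public. Because a name is resolved once here and again by the HTTP client, a rebinding DNS answer could still slip through; a stricter deployment pins the connection to the validated address or terminates all outbound traffic at the filtering proxy.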
Update the langchain-community package to version 0.0.28 or later. This fixes the SSRF vulnerability in the RequestsToolkit component. You can update the package using pip: `pip install langchain-community==0.0.28`.
CVE-2025-2828 is a Server-Side Request Forgery vulnerability in the langchain-community package, allowing attackers to make requests on behalf of the server, potentially accessing internal resources.
You are affected if you are using langchain-community versions 0.0.9 or earlier. Upgrade to version 0.0.28 or later to resolve the vulnerability.
Upgrade langchain-community to version 0.0.28 or later. Consider implementing a WAF or proxy as an interim measure if immediate upgrade is not possible.
While no active exploitation has been confirmed, the SSRF nature of the vulnerability makes it a potential target for exploitation.
Refer to the langchain project's security advisories and release notes for details: [https://github.com/langchain-ai/langchain/security/advisories](https://github.com/langchain-ai/langchain/security/advisories)