LangChain Regular Expression Denial-of-Service Vulnerability in MRKLOutputParser

A regular expression denial-of-service (ReDoS) vulnerability has been identified in LangChain versions through 0.3.1. The issue resides in the MRKLOutputParser's parse() method, where a backtracking-prone regular expression is used to extract tool actions from model output. This vulnerability can be exploited by an attacker who supplies or influences the text being parsed, such as through prompt injection in applications that directly pass LLM output to the parser. The crafted payload can cause excessive CPU usage, leading to significant parsing delays and a denial-of-service condition.

Impact

Exploitation of this vulnerability can cause severe parsing delays, leading to a denial-of-service condition where the application becomes unresponsive to users.

Reproduction

The vulnerability can be reproduced by injecting a payload that exploits the regular expression's backtracking behavior into the text argument of the MRKLOutputParser's parse() method. This can be done through prompt injection in applications that use LangChain's MRKLOutputParser.