LangGraph SQLite Checkpoint SQL Injection Vulnerability
Vulnerability
A SQL injection vulnerability has been identified in LangGraph's SQLite Checkpoint implementation, prior to version 2.0.11. This vulnerability arises from direct string concatenation in SQL queries without proper parameterization, allowing attackers to inject arbitrary SQL and bypass access controls. The issue affects developers or projects that use the 'checkpoint-sqlite' store and derive filter keys from untrusted input.
Impact
Exploitation of this vulnerability allows for SQL injection, enabling attackers to manipulate SQL queries and potentially access or modify database information inappropriately.
Reproduction
The vulnerability can be reproduced by using the 'SqliteStore' from the 'checkpoint-sqlite' package and creating a filter key that exploits the SQL injection flaw, such as one that includes SQL logical operators or JSON path injection.
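The pattern described above, shown next to a hardened form, as an added example that is not LangGraph's code: the table layout, the function names `search_concat` and `search_bound`, and the sample key are all constructed for illustration.

```python
import json
import re
import sqlite3

# Constructed key: a quote closes the JSON path literal, then a logical operator follows.
HOSTILE_KEY = "x') = ? OR 1=1 --"
_KEY_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]*\Z")


def make_db():
    """Constructed two-tenant table; not LangGraph's real schema."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE store (prefix TEXT, key TEXT, value TEXT)")
    rows = [("alice", "doc1", {"status": "public"}),
            ("bob", "doc2", {"status": "private"})]
    db.executemany("INSERT INTO store VALUES (?, ?, ?)",
                   [(p, k, json.dumps(v)) for p, k, v in rows])
    return db


def search_concat(db, prefix, flt):
    """Vulnerable pattern: the filter key is concatenated into the SQL text."""
    sql, params = "SELECT key FROM store WHERE prefix = ?", [prefix]
    for k, v in flt.items():
        sql += f" AND json_extract(value, '$.{k}') = ?"
        params.append(v)
    return sorted(r[0] for r in db.execute(sql, params))


def search_bound(db, prefix, flt):
    """Hardened pattern: allowlisted key, JSON path and value both bound."""
    sql, params = "SELECT key FROM store WHERE prefix = ?", [prefix]
    for k, v in flt.items():
        if not _KEY_RE.match(k):
            raise ValueError(f"invalid filter key: {k!r}")
        sql += " AND json_extract(value, ?) = ?"
        params += [f"$.{k}", v]
    return sorted(r[0] for r in db.execute(sql, params))


if __name__ == "__main__":
    db = make_db()
    print(search_concat(db, "alice", {"status": "public"}))     # scoped to alice
    print(search_concat(db, "alice", {HOSTILE_KEY: "public"}))  # prefix scope lost
    try:
        search_bound(db, "alice", {HOSTILE_KEY: "public"})
    except ValueError as exc:
        print("rejected:", exc)
```

In the hardened form the SQL text never depends on the key, so a key taken from untrusted input can only change a bound value, not the query structure.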
Remediation
Users should update to LangGraph version 2.0.11 or later, where this vulnerability has been fixed.
