LangChain SQLite Operator-Based SQL Injection Vulnerability in LangGraph

Vulnerability

A SQL injection vulnerability has been identified in LangGraph's SQLite store implementation, specifically in version 2.0.10. The issue arises from improper handling of filter operators: operator values are concatenated directly into the SQL string instead of being passed as bound parameters. This allows attackers to inject arbitrary SQL, leading to unauthorized access to documents, exfiltration of sensitive data such as passwords and API keys, and a complete bypass of application-level security filters.

Impact

Exploitation of this vulnerability allows for unauthorized access to all documents, regardless of access level. It also enables the extraction of sensitive information, such as passwords and API keys, and bypasses application-level security controls. Additionally, there is potential for further SQL injection attacks.

Reproduction

The vulnerability can be reproduced by using the LangGraph SQLite store and crafting a filter query that exploits the unparameterized concatenation of operator values into the SQL query. This can be done by injecting SQL payloads that manipulate the query execution, such as using 'OR' conditions to bypass filters or extract sensitive data through SQLite's json_extract() function.

Remediation

A patch for this vulnerability has been developed and will be published soon.
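The bug class described above, shown as an added example that is neither LangGraph's code nor its patch: a filter builder that concatenates the operator value into the SQL text, next to one that allow-lists the operator and binds the JSON path and value as parameters. The table layout, function names, operator map and sample documents are assumptions constructed for this illustration.

```python
import json
import sqlite3

# Hypothetical operator allow-list (an assumption, not LangGraph's API).
OPS = {"$eq": "=", "$ne": "!=", "$gt": ">", "$gte": ">=", "$lt": "<", "$lte": "<="}

def build_unsafe(key, op, value):
    """Flawed pattern: the filter value becomes part of the SQL text itself."""
    return f"json_extract(value, '$.{key}') {OPS[op]} '{value}'", []

def build_safe(key, op, value):
    """Hardened pattern: only the allow-listed operator token reaches the SQL
    text; the JSON path and the comparison value are bound parameters."""
    if op not in OPS:
        raise ValueError(f"unsupported operator: {op!r}")
    return f"json_extract(value, ?) {OPS[op]} ?", [f"$.{key}", value]

def search(conn, builder, key, op, value):
    """Run a filtered lookup and return the matching document keys."""
    clause, params = builder(key, op, value)
    rows = conn.execute(f"SELECT key FROM store WHERE {clause} ORDER BY key", params)
    return [r[0] for r in rows]

def demo_db():
    """In-memory store holding two constructed documents."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE store (key TEXT PRIMARY KEY, value TEXT)")
    docs = {
        "doc-public": {"access": "public"},
        "doc-private": {"access": "private", "api_key": "PLACEHOLDER"},
    }
    conn.executemany("INSERT INTO store VALUES (?, ?)",
                     [(k, json.dumps(v)) for k, v in docs.items()])
    return conn

# Constructed filter value containing a quote and an OR condition.
HOSTILE = "public' OR '1'='1"

if __name__ == "__main__":
    # Concatenated: the OR condition is parsed as SQL and the filter is bypassed.
    print("unsafe:", search(demo_db(), build_unsafe, "access", "$eq", HOSTILE))
    # Bound: the same input is compared as a literal string and matches nothing.
    print("safe:  ", search(demo_db(), build_safe, "access", "$eq", HOSTILE))
    print("safe:  ", search(demo_db(), build_safe, "access", "$eq", "public"))
```

A regression test for the fix can assert exactly this difference: the same filter input must return no rows once the value is bound.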

Added: Oct 26, 2025, 6:17 AM
Updated: Oct 26, 2025, 6:17 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 4.6
remediation: 0.0
relevance: 0.8
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.