LangSmith JavaScript/TypeScript SDK Prototype Pollution Vulnerability

A prototype pollution vulnerability has been identified in the LangSmith JavaScript/TypeScript SDK (version 0.5.17 and prior). The issue arises from an incomplete fix in the internally vendored lodash 'set()' utility, which fails to adequately guard against prototype traversal via 'constructor.prototype'. This flaw allows an attacker to manipulate 'Object.prototype', impacting all objects within the Node.js process. The vulnerability can be exploited through the 'createAnonymizer()' API by crafting data that traverses the prototype chain, leading to unauthorized access or manipulation of object properties.

Impact

Exploitation of this vulnerability allows for prototype pollution, which can bypass authentication checks, especially in scenarios where object properties are evaluated for access control. Additionally, it can be leveraged to execute remote code in certain template engines by injecting values into properties that are processed by 'eval()' or 'Function()'

Reproduction

To reproduce this vulnerability, use the 'createAnonymizer()' API from the LangSmith SDK. Construct an object that includes a key path traversing 'constructor.prototype', such as 'constructor.prototype.isAdmin'. When the anonymizer processes this data, it will pollute the prototype, bypassing checks that rely on the 'isAdmin' property.

Remediation

Users should update to LangSmith SDK version 0.5.18, where this vulnerability has been fixed. After updating, verify that the 'baseAssignValue()' function in 'lodash' properly guards against 'constructor' and 'prototype' keys to prevent similar issues.