In Langchain before 0.0.329, prompt injection allows an attacker to force the service to retrieve data from an arbitrary URL, essentially providing SSRF and potentially injecting content into downstream tasks.
{ "github_reviewed_at": "2023-10-24T01:36:13Z", "severity": "HIGH", "nvd_published_at": "2023-10-20T22:15:10Z", "github_reviewed": true, "cwe_ids": [ "CWE-74", "CWE-918" ] }