In Langchain before 0.0.329, prompt injection allows an attacker to force the service to retrieve data from an arbitrary URL, essentially providing SSRF and potentially injecting content into downstream tasks.
{ "nvd_published_at": "2023-10-20T22:15:10Z", "cwe_ids": [ "CWE-74", "CWE-918" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2023-10-24T01:36:13Z" }