HIGH

GHSA-22c2-9gwg-mj59

Langroid has a Code Injection vulnerability in LanceDocChatAgent through vector_store

Details

### Summary

[LanceDocChatAgent](https://github.com/langroid/langroid/blob/main/langroid/agent/special/lance_doc_chat_agent.py#L158) uses pandas eval() through `compute_from_docs()`: https://github.com/langroid/langroid/blob/18667ec7e971efc242505196f6518eb19a0abc1c/langroid/vector_store/base.py#L136-L150

As a result, an attacker may be able to make the agent run malicious commands through [QueryPlan.dataframe_calc](https://github.com/langroid/langroid/blob/main/langroid/agent/special/lance_tools.py#L16), compromising the host system.

### Fix

Langroid 0.53.15 sanitizes input to the affected function by default to tackle the most common attack vectors, and adds several warnings about the risky behavior in the project documentation.
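
An added example, not Langroid's own sanitizer: one way to vet a `dataframe_calc` string before it reaches pandas eval(), by parsing it with Python's `ast` module and accepting only an allowlist of node types, names and methods. The function name `check_dataframe_calc`, the allowlists, and the assumption that the DataFrame is bound to the name `df` are illustrative.

```python
import ast

# Assumptions: the expression works on a DataFrame bound to `df`, and only
# these methods are needed. Both allowlists are illustrative.
ALLOWED_NAMES = {"df"}
ALLOWED_METHODS = {"groupby", "sum", "mean", "min", "max", "count", "head", "sort_values"}
ALLOWED_NODES = (
    ast.Expression, ast.Name, ast.Load, ast.Constant, ast.Attribute,
    ast.Call, ast.keyword, ast.Subscript, ast.List, ast.Tuple,
    ast.Compare, ast.BinOp, ast.BoolOp, ast.UnaryOp,
    ast.operator, ast.cmpop, ast.boolop, ast.unaryop,
)


def check_dataframe_calc(expr: str) -> list[str]:
    """Return the reasons to reject `expr`; an empty list means it passed."""
    try:
        tree = ast.parse(expr, mode="eval")  # exactly one expression, no statements
    except SyntaxError as exc:
        return [f"not a single Python expression: {exc.msg}"]
    problems = []
    for node in ast.walk(tree):
        if not isinstance(node, ALLOWED_NODES):
            problems.append(f"{type(node).__name__} is not allowed")
        elif isinstance(node, ast.Name) and node.id not in ALLOWED_NAMES:
            problems.append(f"name {node.id!r} is not allowed")
        elif isinstance(node, ast.Attribute) and node.attr.startswith("_"):
            problems.append(f"private attribute {node.attr!r}")
        elif isinstance(node, ast.Call):
            func = node.func
            if not (isinstance(func, ast.Attribute) and func.attr in ALLOWED_METHODS):
                problems.append("call to a function outside the method allowlist")
    return problems


# Constructed sample inputs, not taken from the advisory.
SAMPLES = [
    "df.groupby('state')['income'].mean()",   # ordinary calculation
    "df[df.income > 1000].income.sum()",      # boolean filter, then aggregate
    "df.__class__",                           # dunder attribute access
    "open('notes.txt')",                      # builtin that is not `df`
    "df.eval('income + 1')",                  # nested eval, not allowlisted
]

if __name__ == "__main__":
    for sample in SAMPLES:
        reasons = check_dataframe_calc(sample)
        print("ALLOW " if not reasons else "REJECT", sample, reasons)
```

Run the check on the LLM-produced string and refuse to evaluate it when the returned list is non-empty.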

Affected packages

PyPI / langroid
Introduced in: 0
Fixed in: 0.53.15
Fix: `pip install --upgrade 'langroid>=0.53.15'`
