@langchain/langgraph-checkpoint is vulnerable to Prototype Pollution
43
Medium Risk
MemorySaver in @langchain/langgraph-checkpoint stores checkpoints and writes in nested plain objects keyed by caller-supplied identifiers such as thread_id, checkpoint_ns, checkpoint_id, and task_id. These identifiers are written into this.storage and this.writes without validating them against reserved property names. An attacker who controls one of these identifiers can supply a key such as __proto__, constructor, or prototype to walk into Object.prototype and inject properties onto it, affecting all objects in the process. The fix adds an assertSafeStorageKey guard at the entry points of put, putWrites, deleteThread, getTuple, and list that rejects reserved keys before they are used as storage keys.
You are affected if you are using a version that falls within the vulnerable range and your application uses MemorySaver with untrusted values for thread_id, checkpoint_ns, checkpoint_id, or task_id.
@langchain/langgraph-checkpoint is vulnerable to Prototype Pollution in versions 0.0.1 - 1.0.2.
Upgrade the @langchain/langgraph-checkpoint library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

I consent to receiving marketing communications based on Aikido’s Privacy Policy.
SOC 2Compliant
ISO 27001Compliant