langsmith is a Client library to connect to the LangSmith Observability and Evaluation Platform.
Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) due to the improper validation of api_url and api_key fields in baggage headers in RunTree.from_headers() and RunTree.fromHeaders() functions. An attacker can cause the exfiltration of sensitive trace data to attacker-controlled endpoints by injecting arbitrary api_url values through the baggage header, which are then used by the SDK to send run data to malicious URLs.
Note:
This issue affects applications, utilising TracingMiddleware and calling RunTree.from_headers() or RunTree.fromHeaders() with untrusted HTTP headers.
Workaround
For users that are unable to upgrade to the fixed version it is recommended:
To strip or validate the baggage header before passing to RunTree.from_headers() or RunTree.fromHeaders();
To not use TracingMiddleware with untrusted traffic.