flowise-ui 3.0.12

Direct Vulnerabilities

Known vulnerabilities in the flowise-ui package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Use of a Broken or Risky Cryptographic Algorithm flowise-ui is a Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the `process` that handles JWT secret assignment. An attacker can gain unauthorized access and impersonate any user, including administrators, by crafting valid JWTs using publicly known default secrets. This is only exploitable if the environment variables for JWT secrets are not explicitly set and the application is deployed with default values. How to fix Use of a Broken or Risky Cryptographic Algorithm? Upgrade `flowise-ui` to version 3.1.0 or higher.	<3.1.0
C Arbitrary Code Injection flowise-ui is a Affected versions of this package are vulnerable to Arbitrary Code Injection via the `customReadCSVFunc` process. An attacker can execute arbitrary code on the server by supplying malicious input that is interpolated and executed without proper sanitization. This is only exploitable if the attacker is authenticated or can bypass authentication by providing the "x-request-from: internal" header when `FLOWISE_USERNAME` and `FLOWISE_PASSWORD` are not set. How to fix Arbitrary Code Injection? Upgrade `flowise-ui` to version 3.1.0 or higher.	<3.1.0
C Incomplete List of Disallowed Inputs flowise-ui is a Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs in the `run` method of the Airtable_Agents class, which evaluates LLM-generated Python scripts in a non-sandboxed environment. An attacker can execute arbitrary code on the server by crafting malicious prompts or responses that bypass input validation, leading to the execution of system commands with the privileges of the server process. This can be achieved by sending specially crafted requests to chatflows using the Airtable Agent node, or by configuring a chatflow to use an attacker-controlled server or Airtable table. How to fix Incomplete List of Disallowed Inputs? Upgrade `flowise-ui` to version 3.1.0 or higher.	<3.1.0
C Server-side Request Forgery (SSRF) flowise-ui is a Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the HTTP Node as it is used in AgentFlow and Chatflow. An attacker can access internal network resources, retrieve sensitive information, or modify and delete data by supplying crafted URLs to the server, which then performs HTTP requests to internal or restricted endpoints on behalf of the attacker. This can lead to exposure of internal admin panels, cloud metadata, and allow further privilege escalation or lateral movement. How to fix Server-side Request Forgery (SSRF)? Upgrade `flowise-ui` to version 3.0.13 or higher.	<3.0.13

Vulnerability

Vulnerable Version

Use of a Broken or Risky Cryptographic Algorithm

flowise-ui is a

Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the process that handles JWT secret assignment. An attacker can gain unauthorized access and impersonate any user, including administrators, by crafting valid JWTs using publicly known default secrets. This is only exploitable if the environment variables for JWT secrets are not explicitly set and the application is deployed with default values.

How to fix Use of a Broken or Risky Cryptographic Algorithm?

Upgrade flowise-ui to version 3.1.0 or higher.

<3.1.0

Arbitrary Code Injection

flowise-ui is a

Affected versions of this package are vulnerable to Arbitrary Code Injection via the customReadCSVFunc process. An attacker can execute arbitrary code on the server by supplying malicious input that is interpolated and executed without proper sanitization. This is only exploitable if the attacker is authenticated or can bypass authentication by providing the "x-request-from: internal" header when FLOWISE_USERNAME and FLOWISE_PASSWORD are not set.

How to fix Arbitrary Code Injection?

Upgrade flowise-ui to version 3.1.0 or higher.

<3.1.0

Incomplete List of Disallowed Inputs

flowise-ui is a

Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs in the run method of the Airtable_Agents class, which evaluates LLM-generated Python scripts in a non-sandboxed environment. An attacker can execute arbitrary code on the server by crafting malicious prompts or responses that bypass input validation, leading to the execution of system commands with the privileges of the server process. This can be achieved by sending specially crafted requests to chatflows using the Airtable Agent node, or by configuring a chatflow to use an attacker-controlled server or Airtable table.

How to fix Incomplete List of Disallowed Inputs?

Upgrade flowise-ui to version 3.1.0 or higher.

<3.1.0

Server-side Request Forgery (SSRF)

flowise-ui is a

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the HTTP Node as it is used in AgentFlow and Chatflow. An attacker can access internal network resources, retrieve sensitive information, or modify and delete data by supplying crafted URLs to the server, which then performs HTTP requests to internal or restricted endpoints on behalf of the attacker. This can lead to exposure of internal admin panels, cloud metadata, and allow further privilege escalation or lateral movement.

How to fix Server-side Request Forgery (SSRF)?

Upgrade flowise-ui to version 3.0.13 or higher.

<3.0.13

flowise-ui@3.0.12

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically