langflow-base 0.8.0

Direct Vulnerabilities

Known vulnerabilities in the langflow-base package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Directory Traversal Affected versions of this package are vulnerable to Directory Traversal via the `upload_user_file` function. An attacker can overwrite or create files in arbitrary locations on the filesystem by submitting specially crafted filenames containing path traversal sequences in the multipart form data. How to fix Directory Traversal? There is no fixed version for `langflow-base`.	[0,)
M Missing Authorization Affected versions of this package are vulnerable to Missing Authorization via the `download_image` endpoint. An attacker can access and download image files belonging to any flow by knowing or guessing the flow ID and file name. How to fix Missing Authorization? There is no fixed version for `langflow-base`.	[0,)
H Cross-site Scripting (XSS) Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the `/api/v1/files/images/{flow_id}/{file_name}` endpoint, which serves SVG files with the `image/svg+xml` content type without sanitizing their content. An attacker can execute arbitrary JavaScript in the context of another user's session by uploading a crafted SVG file, potentially allowing theft of authentication tokens stored in cookies, including JWT access and refresh tokens. How to fix Cross-site Scripting (XSS)? There is no fixed version for `langflow-base`.	[0,)
H Missing Authorization Affected versions of this package are vulnerable to Missing Authorization via the `logs` and `logs-stream` endpoints. An attacker can access sensitive application log data by authenticating with basic user privileges, as these endpoints do not enforce privilege checks. How to fix Missing Authorization? There is no fixed version for `langflow-base`.	[0.0.83,)
C Arbitrary Code Injection Affected versions of this package are vulnerable to Arbitrary Code Injection through the Agentic Assistant validation process. An attacker can execute arbitrary server-side Python code by supplying input that causes the assistant to return malicious component code, which is then instantiated during validation. How to fix Arbitrary Code Injection? A fix was pushed into the `master` branch but not yet published.	[0,)
C Directory Traversal Affected versions of this package are vulnerable to Directory Traversal via the `download_profile_picture` function in the `/profile_pictures/{folder_name}/{file_name}` endpoint, where the `folder_name` and `file_name` parameters are not properly filtered. An attacker can access sensitive files outside the intended directory by supplying crafted path traversal sequences, potentially allowing them to obtain authentication secrets and gain unauthorized access. How to fix Directory Traversal? A fix was pushed into the `master` branch but not yet published.	[0,)
H Missing Authorization Affected versions of this package are vulnerable to Missing Authorization via the `download_image` endpoint, which allows unauthenticated access to image files by accepting `flow_id` and `file_name` as path parameters without verifying user authentication or ownership. An attacker can access sensitive image files belonging to other users by sending crafted requests with valid identifiers. How to fix Missing Authorization? A fix was pushed into the `master` branch but not yet published.	[0,)
C Missing Authentication for Critical Function Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the `POST /api/v1/build_public_tmp/{flow_id}/flow` endpoint when attacker-controlled flow data is supplied to the `data` parameter, which is then executed using `exec()` without authentication or sandboxing. An attacker can execute arbitrary code on the server by submitting malicious flow definitions containing executable Python code. This is only exploitable if the instance has at least one public flow and the attacker knows the public flow's UUID, which can be discovered via shared links or URLs. How to fix Missing Authentication for Critical Function? Upgrade `langflow-base` to version 0.8.1 or higher.	[,0.8.1)
H Deserialization of Untrusted Data Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the disk cache service. An attacker can execute arbitrary code by supplying crafted data that is deserialized without proper validation. How to fix Deserialization of Untrusted Data? There is no fixed version for `langflow-base`.	[0,)
C Origin Validation Error Affected versions of this package are vulnerable to Origin Validation Error via an overly permissive CORS configuration in the `refresh` endpoint. An attacker can gain unauthorized access to authentication tokens and execute arbitrary code by enticing a victim to visit a malicious webpage that performs cross-origin requests with credentials. Note: The option was added in version 0.6.0 (used in langflow 1.6.x) to restrict allowed origins with `LANGFLOW_CORS_ORIGINS`. This will become the default behavior, with permissive settings (`origins = *`) being opt-in, in a future release. How to fix Origin Validation Error? There is no fixed version for `langflow-base`.	[0,)

Vulnerability

Vulnerable Version

Directory Traversal

Affected versions of this package are vulnerable to Directory Traversal via the upload_user_file function. An attacker can overwrite or create files in arbitrary locations on the filesystem by submitting specially crafted filenames containing path traversal sequences in the multipart form data.

How to fix Directory Traversal?

There is no fixed version for langflow-base.

[0,)

Missing Authorization

Affected versions of this package are vulnerable to Missing Authorization via the download_image endpoint. An attacker can access and download image files belonging to any flow by knowing or guessing the flow ID and file name.

How to fix Missing Authorization?

There is no fixed version for langflow-base.

[0,)

Cross-site Scripting (XSS)

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the /api/v1/files/images/{flow_id}/{file_name} endpoint, which serves SVG files with the image/svg+xml content type without sanitizing their content. An attacker can execute arbitrary JavaScript in the context of another user's session by uploading a crafted SVG file, potentially allowing theft of authentication tokens stored in cookies, including JWT access and refresh tokens.

How to fix Cross-site Scripting (XSS)?

There is no fixed version for langflow-base.

[0,)

Missing Authorization

Affected versions of this package are vulnerable to Missing Authorization via the logs and logs-stream endpoints. An attacker can access sensitive application log data by authenticating with basic user privileges, as these endpoints do not enforce privilege checks.

How to fix Missing Authorization?

There is no fixed version for langflow-base.

[0.0.83,)

Arbitrary Code Injection

Affected versions of this package are vulnerable to Arbitrary Code Injection through the Agentic Assistant validation process. An attacker can execute arbitrary server-side Python code by supplying input that causes the assistant to return malicious component code, which is then instantiated during validation.

How to fix Arbitrary Code Injection?

A fix was pushed into the master branch but not yet published.

[0,)

Directory Traversal

Affected versions of this package are vulnerable to Directory Traversal via the download_profile_picture function in the /profile_pictures/{folder_name}/{file_name} endpoint, where the folder_name and file_name parameters are not properly filtered. An attacker can access sensitive files outside the intended directory by supplying crafted path traversal sequences, potentially allowing them to obtain authentication secrets and gain unauthorized access.

How to fix Directory Traversal?

A fix was pushed into the master branch but not yet published.

[0,)

Missing Authorization

Affected versions of this package are vulnerable to Missing Authorization via the download_image endpoint, which allows unauthenticated access to image files by accepting flow_id and file_name as path parameters without verifying user authentication or ownership. An attacker can access sensitive image files belonging to other users by sending crafted requests with valid identifiers.

How to fix Missing Authorization?

A fix was pushed into the master branch but not yet published.

[0,)

Missing Authentication for Critical Function

Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint when attacker-controlled flow data is supplied to the data parameter, which is then executed using exec() without authentication or sandboxing. An attacker can execute arbitrary code on the server by submitting malicious flow definitions containing executable Python code. This is only exploitable if the instance has at least one public flow and the attacker knows the public flow's UUID, which can be discovered via shared links or URLs.

How to fix Missing Authentication for Critical Function?

Upgrade langflow-base to version 0.8.1 or higher.

[,0.8.1)

Deserialization of Untrusted Data

Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the disk cache service. An attacker can execute arbitrary code by supplying crafted data that is deserialized without proper validation.

How to fix Deserialization of Untrusted Data?

There is no fixed version for langflow-base.

[0,)

Origin Validation Error

Affected versions of this package are vulnerable to Origin Validation Error via an overly permissive CORS configuration in the refresh endpoint. An attacker can gain unauthorized access to authentication tokens and execute arbitrary code by enticing a victim to visit a malicious webpage that performs cross-origin requests with credentials.

Note: The option was added in version 0.6.0 (used in langflow 1.6.x) to restrict allowed origins with LANGFLOW_CORS_ORIGINS. This will become the default behavior, with permissive settings (origins = *) being opt-in, in a future release.

How to fix Origin Validation Error?

There is no fixed version for langflow-base.

[0,)

langflow-base@0.8.0

A Python package with a built-in web application

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically