langflow@0.6.7a5 vulnerabilities
A Python package with a built-in web application
-
latest version
1.1.1
-
first published
2 years ago
-
latest version published
20 hours ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the langflow package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
langflow is an A Python package with a built-in web application Affected versions of this package are vulnerable to Arbitrary Code Injection through any components that provided the code functionality running on the local machine rather than a sandboxed environment. An attacker can execute arbitrary code on the host system by injecting malicious code into the components. How to fix Arbitrary Code Injection? There is no fixed version for |
[0,)
|
langflow is an A Python package with a built-in web application Affected versions of this package are vulnerable to Missing Authorization due to improper authorization checks to verify flow ownership in Note:
The attack can be carried out by sending file upload requests to the How to fix Missing Authorization? Upgrade |
[,1.0.19)
|
langflow is an A Python package with a built-in web application Affected versions of this package are vulnerable to Arbitrary Code Injection via the How to fix Arbitrary Code Injection? There is no fixed version for |
[0,)
|
langflow is an A Python package with a built-in web application Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) through the manipulation of the How to fix Regular Expression Denial of Service (ReDoS)? There is no fixed version for |
[0,)
|
langflow is an A Python package with a built-in web application Affected versions of this package are vulnerable to Improper Authorization via the How to fix Improper Authorization? Upgrade |
[,1.0.13)
|
langflow is an A Python package with a built-in web application Affected versions of this package are vulnerable to Improper Input Validation via an unsecure How to fix Improper Input Validation? Upgrade |
[,1.0.0a37)
|
langflow is an A Python package with a built-in web application Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources through the How to fix Improper Control of Dynamically-Managed Code Resources? There is no fixed version for |
[0,)
|