Improper Input Validation Affecting langflow package, versions [,1.0.0a37)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsSnyk Learn
Learn about Improper Input Validation vulnerabilities in an interactive lesson.
Start learning- Snyk IDSNYK-PYTHON-LANGFLOW-7361803
- published24 Jun 2024
- disclosed1 Jun 2024
- creditUnknown
Introduced: 1 Jun 2024
CVE NOT AVAILABLE CWE-20 (opens in a new tab)Common Weakness Enumeration (CWE) is a category system for software weaknesses
How to fix?
Upgrade langflow to version 1.0.0a37 or higher.
Overview
langflow is an A Python package with a built-in web application
Affected versions of this package are vulnerable to Improper Input Validation via an unsecure /custom_component/reload endpoint.