CVE-2024-9277 Langflow HTTP POST Request utils.py redos

🗓️ 27 Sep 2024 11:00:06Reported by VulDBType

Vulnerability in Langflow HTTP POST Request utils.p

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2024-9277	27 Sep 202414:12	–	circl
CNNVD	Langflow 安全漏洞	27 Sep 202400:00	–	cnnvd
CVE	CVE-2024-9277	27 Sep 202411:00	–	cve
EUVD	EUVD-2024-2701	3 Oct 202520:07	–	euvd
Github Security Blog	Inefficient Regular Expression Complexity in langflow	27 Sep 202412:31	–	github
NVD	CVE-2024-9277	27 Sep 202411:15	–	nvd
OSV	GHSA-355V-2RJX-FPX7 Inefficient Regular Expression Complexity in langflow	27 Sep 202412:31	–	osv
Positive Technologies	PT-2024-39535 · Langflow · Langflow	27 Sep 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-9277	23 May 202510:36	–	redhatcve
Veracode	Regular Expression Denial Of Service (ReDoS)	7 Oct 202409:55	–	veracode

[
  {
    "vendor": "n/a",
    "product": "Langflow",
    "versions": [
      {
        "version": "1.0.0",
        "status": "affected"
      },
      {
        "version": "1.0.1",
        "status": "affected"
      },
      {
        "version": "1.0.2",
        "status": "affected"
      },
      {
        "version": "1.0.3",
        "status": "affected"
      },
      {
        "version": "1.0.4",
        "status": "affected"
      },
      {
        "version": "1.0.5",
        "status": "affected"
      },
      {
        "version": "1.0.6",
        "status": "affected"
      },
      {
        "version": "1.0.7",
        "status": "affected"
      },
      {
        "version": "1.0.8",
        "status": "affected"
      },
      {
        "version": "1.0.9",
        "status": "affected"
      },
      {
        "version": "1.0.10",
        "status": "affected"
      },
      {
        "version": "1.0.11",
        "status": "affected"
      },
      {
        "version": "1.0.12",
        "status": "affected"
      },
      {
        "version": "1.0.13",
        "status": "affected"
      },
      {
        "version": "1.0.14",
        "status": "affected"
      },
      {
        "version": "1.0.15",
        "status": "affected"
      },
      {
        "version": "1.0.16",
        "status": "affected"
      },
      {
        "version": "1.0.17",
        "status": "affected"
      },
      {
        "version": "1.0.18",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP POST Request Handler"
    ]
  }
]

Source	Link
rumbling-slice-eb0	www.rumbling-slice-eb0.notion.site/Remote-Redos-in-https-github-com-langflow-ai-langflow-067159ced0d5494e91b06071384969c4
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

27 Sep 2024 11:42Current

CVSS 22.3

CVSS 3.13.5

CVSS 33.5

CVSS 45.1

EPSS0.0017

CWE-1333