GitHub Advisory Database: GHSA-H997-3FXJ-P5J8
History: Aug 05, 2024 - 9:29 p.m.

Flowise Path Injection at /api/v1/openai-assistants-file

2024-08-05 21:29:27
CWE-74
GitHub Advisory Database
github.com
Tags: flowise, version 1.4.3, vulnerability, endpoint, api, arbitrary file read, lack of sanitization, filename, no known patches

CVSS3: 7.5

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score: 6.7
Confidence: High

Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, the /api/v1/openai-assistants-file endpoint in index.ts is vulnerable to arbitrary file read due to lack of sanitization of the fileName body parameter. No known patches for this issue are available.
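
The kind of check whose absence the description above reports, as an added example (not Flowise code and not part of the advisory): a Node.js helper that maps a client-supplied fileName to a path inside a fixed storage directory and rejects everything else. The function names, the UnsafeFileNameError class and the UPLOAD_ROOT directory are assumptions made for this example.

```javascript
// Added example: hypothetical helper, not Flowise source code.
const path = require('node:path');

// Assumed storage root for assistant files (constructed for this example).
const UPLOAD_ROOT = path.resolve('/srv/app/uploads/openai-assistant');

class UnsafeFileNameError extends Error {}

// Map a client-supplied fileName to a path that sits directly inside
// rootDir, or throw UnsafeFileNameError.
function resolveInsideRoot(rootDir, fileName) {
  if (typeof fileName !== 'string' || fileName.length === 0 || fileName.length > 255) {
    throw new UnsafeFileNameError('fileName must be a non-empty string of at most 255 characters');
  }
  // NUL bytes and either separator style have no place in a bare file name.
  if (/[\0\/\\]/.test(fileName)) {
    throw new UnsafeFileNameError('fileName contains a separator or NUL byte');
  }
  if (fileName === '.' || fileName === '..') {
    throw new UnsafeFileNameError('fileName is a directory reference');
  }
  // Defence in depth: resolve, then confirm the result is still under rootDir.
  const root = path.resolve(rootDir);
  const candidate = path.resolve(root, fileName);
  const rel = path.relative(root, candidate);
  if (rel === '' || rel === '..' || rel.startsWith('..' + path.sep) || path.isAbsolute(rel)) {
    throw new UnsafeFileNameError('resolved path escapes the storage root');
  }
  return candidate;
}

// Non-throwing wrapper a request handler can use to choose a 400 response.
function checkFileName(fileName, rootDir = UPLOAD_ROOT) {
  try {
    return { ok: true, path: resolveInsideRoot(rootDir, fileName) };
  } catch (err) {
    if (err instanceof UnsafeFileNameError) return { ok: false, reason: err.message };
    throw err;
  }
}
```

The check is lexical only; where the storage directory can contain symlinks, the real paths of the root and the candidate should be compared as well.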

Affected configurations

Vulners
Node: flowiseai flowise, Range: 1.4.3

Vendor: flowiseai
Product: flowise
Version: *
CPE: cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*
