905 matches found
Flowise Unauthenticated Denial of Service (DoS) vulnerability
An Unauthenticated Denial of Service DoS vulnerability exists in Flowise version 1.8.2 leading to a complete crash of the instance running a vulnerable version due to improper handling of user supplied input to the /api/v1/get-upload-file api endpoint...
GHSA-2Q4W-X8H2-2FVH Flowise Authentication Bypass vulnerability
An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality...
Flowise Authentication Bypass vulnerability
An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality...
CVE-2024-8182
An Unauthenticated Denial of Service DoS vulnerability exists in Flowise version 1.8.2 leading to a complete crash of the instance running a vulnerable version due to improper handling of user supplied input to the “/api/v1/get-upload-file” api endpoint...
CVE-2024-8181
An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality...
CVE-2024-8181 Flowise Authentication Bypass
An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality...
CVE-2024-8181 Flowise Authentication Bypass
An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality...
CVE-2024-8181
Affected software: Flowise
CVE-2024-8181 Flowise Authentication Bypass
An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality...
CVE-2024-8182 Flowise Denial of Service
An Unauthenticated Denial of Service DoS vulnerability exists in Flowise version 1.8.2 leading to a complete crash of the instance running a vulnerable version due to improper handling of user supplied input to the “/api/v1/get-upload-file” api endpoint...
CVE-2024-8182 Flowise Denial of Service
An Unauthenticated Denial of Service DoS vulnerability exists in Flowise version 1.8.2 leading to a complete crash of the instance running a vulnerable version due to improper handling of user supplied input to the “/api/v1/get-upload-file” api endpoint...
CVE-2024-8182 Flowise Denial of Service
An Unauthenticated Denial of Service DoS vulnerability exists in Flowise version 1.8.2 leading to a complete crash of the instance running a vulnerable version due to improper handling of user supplied input to the “/api/v1/get-upload-file” api endpoint...
CVE-2024-8182
Flowise vulnerability CVE-2024-8182 is an unauthenticated Denial of Service affecting Flowise v1.8.2. The issue stems from improper handling of user-supplied input to the /api/v1/get-upload-file endpoint, which can cause the instance to crash when processing requests. The available connected docu...
PT-2024-38860
Name of the Vulnerable Software and Affected Versions: Flowise version 1.8.2 Description: An Authentication Bypass issue exists, allowing a remote, unauthenticated attacker to access API endpoints as an administrator and access restricted functionality. Recommendations: For Flowise version 1.8.2,...
Flowise 安全漏洞
Flowise is a FlowiseAI open source tool for easily building LLM applications. A security vulnerability exists in Flowise version 1.8.2. An attacker exploited the vulnerability to access the API endpoint as an administrator...
PT-2024-38861 · Flowise · Flowise
Name of the Vulnerable Software and Affected Versions: Flowise version 1.8.2 Description: An Unauthenticated Denial of Service DoS vulnerability exists in Flowise, leading to a complete crash of the instance running a vulnerable version due to improper handling of user-supplied input to the...
GHSA-2JCH-QC96-9F5G Flowise Cross-site Scripting in api/v1/chatflows/id
Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, a reflected cross-site scripting vulnerability occurs in the api/v1/chatflows/id endpoint. If the default configuration is used unauthenticated, an attacker may be able to craft a...
GHSA-858C-QXVX-RG9V Flowise Cross-site Scripting in /api/v1/chatflows-streaming/id
Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, a reflected cross-site scripting vulnerability occurs in the /api/v1/chatflows-streaming/id endpoint. If the default configuration is used unauthenticated, an attacker may be able...
GHSA-WXM4-9F8P-GGGV Flowise Cross-site Scripting in/api/v1/credentials/id
Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, a reflected cross-site scripting vulnerability occurs in the /api/v1/credentials/id endpoint. If the default configuration is used unauthenticated, an attacker may be able to craf...
GHSA-FCCX-2PWJ-HRQ7 Flowise Cross-site Scripting in /api/v1/public-chatflows/id
Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, a reflected cross-site scripting vulnerability occurs in the /api/v1/public-chatflows/id endpoint. If the default configuration is used unauthenticated, an attacker may be able to...