Lucene search
K

5 matches found

OSV
OSV
added 2024/04/29 6:30 p.m.14 views

GHSA-6WP6-22X5-RR3W Flowise vulnerable to code injection via api/v1

An issue in FlowiseAI Inc Flowise prior to v1.8.1 allows a remote attacker to execute arbitrary code via a crafted script to the api/v1 component...

7.6CVSS7.6AI score0.59867EPSS
Exploits4References6
Github Security Blog
Github Security Blog
added 2024/04/29 6:30 p.m.34 views

Flowise vulnerable to code injection via api/v1

An issue in FlowiseAI Inc Flowise prior to v1.8.1 allows a remote attacker to execute arbitrary code via a crafted script to the api/v1 component...

7.6CVSS7.5AI score0.59867EPSS
Exploits4References6Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/29 12:0 a.m.18 views

CVE-2024-31621

An issue in FlowiseAI Inc Flowise v.1.6.2 and before allows a remote attacker to execute arbitrary code via a crafted script to the api/v1 component...

7.7AI score0.59867EPSS
Exploits4References2
Positive Technologies
Positive Technologies
added 2024/04/29 12:0 a.m.3 views

PT-2024-24158

Name of the Vulnerable Software and Affected Versions FlowiseAI Inc Flowise versions 1.6.2 and before FlowiseAI Inc Flowise versions prior to 1.8.1 Description An issue in FlowiseAI Inc Flowise allows a remote attacker to execute arbitrary code via a crafted script sent to the /api/v1 component...

7.6CVSS7.5AI score0.59867EPSS
Exploits4References43
CVE
CVE
added 2024/04/29 12:0 a.m.697 views

CVE-2024-31621

CVE-2024-31621 affects Flowise Flowise v1.6.2 and earlier, with multiple sources describing an authentication bypass (notably in Flowise = 1.6.6 / 1.8.1+ per other reports). If exploitation details are present, they confirm remote code execution via /api/v1; otherwise, exploitation specifics are ...

7.6CVSS7.7AI score0.59867EPSS
Exploits4References2Affected Software1
Rows per page
Query Builder