Lucene search
K

4 matches found

Snyk
Snyk
added 2026/06/19 9:18 p.m.5 views

UNIX Symbolic Link (Symlink) Following

Overview lfx is a lfx is a command-line tool for running Langflow workflows. It provides two main commands: serve and run. Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following via the BaseFileComponent.unpackbundle function. An attacker can access arbitrary fil...

9.6CVSS6.2AI score0.00411EPSS
Exploits1References2
Snyk
Snyk
added 2026/06/17 6:43 p.m.4 views

Missing Authentication for Critical Function

Overview lfx is a lfx is a command-line tool for running Langflow workflows. It provides two main commands: serve and run. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the createuploadfile function. An attacker can exhaust server disk space...

9.3CVSS6AI score0.00332EPSS
Exploits1References2
Snyk
Snyk
added 2024/12/01 6:36 a.m.3 views

Brute Force

Overview netunicorn-library is a netunicorn contrib library Affected versions of this package are vulnerable to Brute Force. An attacker could gain unauthorized access by exploiting this vulnerability. Remediation Upgrade netunicorn-library to version 0.4.2 or higher. References - GitHub Commit -...

6.3CVSS6.9AI score
Exploits0References3
OSV
OSV
added 2021/09/20 5:15 p.m.4 views

UBUNTU-CVE-2021-32839

sqlparse is a non-validating SQL parser module for Python. In sqlparse versions 0.4.0 and 0.4.1 there is a regular Expression Denial of Service in sqlparse vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments. On...

7.5CVSS7.1AI score0.02134EPSS
Exploits0References4
Rows per page
Query Builder