High severityNVD Advisory· Published Aug 27, 2024· Updated Aug 27, 2024
Flowise Denial of Service
CVE-2024-8182
Description
An Unauthenticated Denial of Service (DoS) vulnerability exists in Flowise version 1.8.2 leading to a complete crash of the instance running a vulnerable version due to improper handling of user supplied input to the “/api/v1/get-upload-file” api endpoint.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
flowisenpm | <= 1.8.2 | — |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- github.com/advisories/GHSA-48x4-mx8f-gr4hghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-8182ghsaADVISORY
- tenable.com/security/research/tra-2024-34ghsaWEB
News mentions
0No linked articles in our index yet.