VYPR

Flowise

by Flowiseai

npm: flowise

Source repositories

CVEs (66)

  • CVE-2024-8182Aug 27, 2024
    risk 0.00cvss epss 0.14

    An Unauthenticated Denial of Service (DoS) vulnerability exists in Flowise version 1.8.2 leading to a complete crash of the instance running a vulnerable version due to improper handling of user supplied input to the “/api/v1/get-upload-file” api endpoint.

  • CVE-2024-37146Jul 1, 2024
    risk 0.00cvss epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, a reflected cross-site scripting vulnerability occurs in the `/api/v1/credentials/id` endpoint. If the default configuration is used (unauthenticated), an…

  • CVE-2024-37145Jul 1, 2024
    risk 0.00cvss epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, a reflected cross-site scripting vulnerability occurs in the `/api/v1/chatflows-streaming/id` endpoint. If the default configuration is used (unauthenticated),…

  • CVE-2024-36423Jul 1, 2024
    risk 0.00cvss epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, a reflected cross-site scripting vulnerability occurs in the `/api/v1/public-chatflows/id` endpoint. If the default configuration is used (unauthenticated), an…

  • CVE-2024-36422Jul 1, 2024
    risk 0.00cvss epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, a reflected cross-site scripting vulnerability occurs in the `api/v1/chatflows/id` endpoint. If the default configuration is used (unauthenticated), an attacker…

  • CVE-2024-36421Jul 1, 2024
    risk 0.00cvss epss 0.09

    Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, A CORS misconfiguration sets the Access-Control-Allow-Origin header to all, allowing arbitrary origins to connect to the website. In the default configuration…

Page 4 of 4