CVE-2024-9277
CVE-2024-9277
Título es
CVE-2024-9277
Vie, 27/09/2024 – 11:15
Tipo
CWE-1333
Gravedad v2.0
2.30
Gravedad 2.0 Txt
LOW
Título en
CVE-2024-9277
Descripción en
A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of the component HTTP POST Request Handler. The manipulation of the argument remaining_text leads to inefficient regular expression complexity. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
27/09/2024
27/09/2024
Vector CVSS:3.1
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Vector CVSS:2.0
AV:A/AC:M/Au:S/C:N/I:N/A:P
Gravedad 3.1 (CVSS 3.1 Base Score)
3.50
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
LOW
Referencias
Enviar en el boletín
Off
