Awaiting Analysis
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Products
Langflow
- 0.6.19
Source
cve@mitre.org
Tags
CVE-2024-37014 details
Published : June 10, 2024, 8:15 p.m.
Last Modified : June 10, 2024, 8:54 p.m.
Last Modified : June 10, 2024, 8:54 p.m.
Description
Langflow through 0.6.19 allows remote code execution if untrusted users are able to reach the "POST /api/v1/custom_component" endpoint and provide a Python script.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|
References
| URL | Source |
|---|---|
| https://github.com/langflow-ai/langflow/issues/1973 | cve@mitre.org |
This website uses the NVD API, but is not approved or certified by it.