PYSEC-2024-279

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/langflow/PYSEC-2024-279.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2024-279

Aliases

Published

2024-10-31T14:15:05.610Z

Modified

2026-05-20T09:19:04.300973Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

langflow v1.0.12 was discovered to contain a remote code execution (RCE) vulnerability via the PythonCodeTool component.

References

https://github.com/langflow-ai/langflow/issues/2908

Affected packages

PyPI / langflow

Package

Name: langflow; View open source insights on deps.dev
Purl: pkg:pypi/langflow

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

None

None

Affected versions

0.*

0.0.31

0.0.32

0.0.33

0.0.40

0.0.44

0.0.45

0.0.46

0.0.52

0.0.53

0.0.54

0.0.55

0.0.56

0.0.57

0.0.58

0.0.61

0.0.62

0.0.63

0.0.64

0.0.65

0.0.66

0.0.67

0.0.68

0.0.69

0.0.70

0.0.71

0.0.72

0.0.73

0.0.74

0.0.75

0.0.76

0.0.78

0.0.79

0.0.80

0.0.81

0.0.83

0.0.84

0.0.85

0.0.86

0.0.87

0.0.88

0.0.89

0.1.0

0.1.2

0.1.3

0.1.4

0.1.5

0.1.6

0.1.7

0.2.0

0.2.1

0.2.2

0.2.3

0.2.4

0.2.5

0.2.6

0.2.7

0.2.8

0.2.9

0.2.10

0.2.11

0.2.12

0.2.13

0.3.0

0.3.1

0.3.2

0.3.3

0.3.4

0.4.0

0.4.1

0.4.2

0.4.3

0.4.4

0.4.5

0.4.6

0.4.7

0.4.8

0.4.9

0.4.10

0.4.11

0.4.12

0.4.14

0.4.15

0.4.16

0.4.17

0.4.18

0.4.19

0.4.20

0.4.21

0.5.0a0

0.5.0a1

0.5.0a2

0.5.0a3

0.5.0a4

0.5.0a5

0.5.0a6

0.5.0b0

0.5.0b2

0.5.0b3

0.5.0b4

0.5.0b5

0.5.0b6

0.5.0

0.5.1

0.5.2

0.5.3

0.5.4

0.5.5

0.5.6

0.5.7

0.5.8

0.5.9

0.5.10

0.5.11

0.5.12

0.6.0rc1

0.6.0

0.6.1

0.6.2

0.6.3a0

0.6.3a1

0.6.3a2

0.6.3a3

0.6.3a4

0.6.3a5

0.6.3a6

0.6.3a7

0.6.3

0.6.4a0

0.6.4a1

0.6.4

0.6.5a0

0.6.5a1

0.6.5a2

0.6.5a3

0.6.5a4

0.6.5a5

0.6.5a6

0.6.5a7

0.6.5a8

0.6.5a9

0.6.5a10

0.6.5a11

0.6.5a12

0.6.5a13

0.6.5

0.6.6

0.6.7a1

0.6.7a2

0.6.7a3

0.6.7a5

0.6.7

0.6.8

0.6.9

0.6.10

0.6.11

0.6.12

0.6.14

0.6.15

0.6.16

0.6.17

0.6.18

0.6.19

1.*

1.0.0a0

1.0.0a1

1.0.0a2

1.0.0a3

1.0.0a4

1.0.0a5

1.0.0a6

1.0.0a7

1.0.0a8

1.0.0a9

1.0.0a10

1.0.0a11

1.0.0a12

1.0.0a13

1.0.0a14

1.0.0a15

1.0.0a17

1.0.0a18

1.0.0a19

1.0.0a20

1.0.0a21

1.0.0a22

1.0.0a23

1.0.0a24

1.0.0a25

1.0.0a26

1.0.0a27

1.0.0a28

1.0.0a29

1.0.0a30

1.0.0a31

1.0.0a32

1.0.0a33

1.0.0a34

1.0.0a35

1.0.0a36

1.0.0a37

1.0.0a38

1.0.0a39

1.0.0a40

1.0.0a41

1.0.0a42

1.0.0a43

1.0.0a44

1.0.0a45

1.0.0a46

1.0.0a47

1.0.0a48

1.0.0a49

1.0.0a50

1.0.0a51

1.0.0a52

1.0.0a53

1.0.0a55

1.0.0a56

1.0.0a57

1.0.0a58

1.0.0a59

1.0.0a60

1.0.0a61

1.0.0rc0

1.0.0rc1

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.0.8

1.0.9

1.0.10

1.0.11

1.0.12

1.0.13

1.0.14

1.0.15

1.0.16

1.0.17

1.0.18

1.0.19

1.0.19.post1

1.0.19.post2

1.1.0

1.1.1

1.1.2

1.1.3

1.1.4

1.1.4.post1

1.2.0

1.3.0

1.3.1

1.3.2

1.3.3

1.3.4

1.4.0

1.4.1

1.4.2

1.4.3

1.5.0

1.5.0.post1

1.5.0.post2

1.5.1

1.6.0

1.6.1

1.6.2

1.6.3

1.6.4

1.6.5

1.6.6

1.6.7

1.6.8

1.6.9

1.7.0

1.7.1

1.7.2

1.7.3

1.8.0rc0

1.8.0rc1

1.8.0rc2

1.8.0rc3

1.8.0rc4

1.8.0rc5

1.8.0rc6

1.8.0

1.8.1

1.8.2

1.8.3rc0

1.8.3

1.8.4

1.9.0

1.9.1

1.9.2

1.9.3rc0

1.9.3

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/langflow/PYSEC-2024-279.yaml"