python · langflowCritical
langflow: Unauthenticated DoS via Oversized Multipart Boundary Fixed in 1.0.19
A security vulnerability in the file upload endpoint allows unauthenticated denial of service via oversized multipart boundary.
What changed
A security vulnerability in the file upload endpoint allows unauthenticated denial of service via oversized multipart boundary. Fixed in 1.0.19 by adding boundary validation middleware and authentication checks.
Who it affects
All users of langflow versions prior to 1.0.19, especially those exposing the API publicly.
What to do today
Upgrade to langflow version 1.0.19 or later immediately.
The trail
Collected→
Audited→
Written→
Published