How severe is CVE-2024-9277?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 3.5 out of 10.

What type of vulnerability is CVE-2024-9277?

This is classified as CWE-1333, which is a common weakness in software security.

CVE-2024-9277 - MEDIUM Severity | CVSS 3.5

Vulnerability Description

A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of the component HTTP POST Request Handler. The manipulation of the argument remaining_text leads to inefficient regular expression complexity. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2024-9506

LOW

CVSS:3.7(Low)

Improper regular expression in Vue's parseHTML function leads to a potential regular expression denial of service vulnerability.

CWE-13332024

CVE-2022-2908

MEDIUM

CVSS:4.3(Medium)

A potential DoS vulnerability was discovered in Gitlab CE/EE versions starting from 10.7 before 15.1.5, all versions starting from 15.2 before 15.2.3, all versions starting from 15.3 before 15.3.1 all...

CWE-13332022

CVE-2022-34428

LOW

CVSS:2.7(Low)

Dell Hybrid Client prior to version 1.8 contains a Regular Expression Denial of Service Vulnerability in the UI. An adversary with WMS group admin access could potentially exploit this vulnerability, ...

CWE-13332022

CVE-2024-6434

MEDIUM

CVSS:4.3(Medium)

The Premium Addons for Elementor plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 4.10.35. This is due to processing user-suppli...

CWE-13332024

CVE-2025-1194

MEDIUM

CVSS:4.3(Medium)

A Regular Expression Denial of Service (ReDoS) vulnerability was identified in the huggingface/transformers library, specifically in the file `tokenization_gpt_neox_japanese.py` of the GPT-NeoX-Japane...

CWE-13332025

CVE-2024-28864

LOW

CVSS:2.6(Low)

SecureProps is a PHP library designed to simplify the encryption and decryption of property data in objects. A vulnerability in SecureProps version 1.2.0 and 1.2.1 involves a regex failing to detect t...

CWE-13332024