GHSA-9hrv-gvrv-6gf2 — MEDIUM AI Security Vulnerability

Q: What is GHSA-9hrv-gvrv-6gf2?

Flowise Execute Flow function has an SSRF vulnerability

Q: Is GHSA-9hrv-gvrv-6gf2 actively exploited?

No confirmed active exploitation of GHSA-9hrv-gvrv-6gf2 has been reported, but organizations should still patch proactively.

Q: How to fix GHSA-9hrv-gvrv-6gf2?

Update to patched version: flowise 3.1.0, flowise-components 3.1.0.

Q: What is the CVSS score for GHSA-9hrv-gvrv-6gf2?

No CVSS score has been assigned yet.

### Summary The attacker provides an intranet address through the base url field configured in the Execute Flow node → Bypass checkDenyList / resolveAndValidate in httpSecurity.ts (not called) → Causes the server to initiate an HTTP request to any internal network address, read cloud metadata, or...

Full CISO analysis pending enrichment.

Affected Systems

Package	Ecosystem	Vulnerable Range	Patched
flowise	npm	<= 3.0.13	`3.1.0`
flowise-components	npm	<= 3.0.13	`3.1.0`

Severity & Risk

CVSS 3.1

N/A

EPSS

N/A

Exploitation Status

No known exploitation

Sophistication

N/A

Recommended Action

Patch available

Update flowise to version 3.1.0

Update flowise-components to version 3.1.0

Compliance Impact

Compliance analysis pending. Sign in for full compliance mapping when available.

Frequently Asked Questions

What is GHSA-9hrv-gvrv-6gf2?

Flowise Execute Flow function has an SSRF vulnerability

Is GHSA-9hrv-gvrv-6gf2 actively exploited?

No confirmed active exploitation of GHSA-9hrv-gvrv-6gf2 has been reported, but organizations should still patch proactively.

How to fix GHSA-9hrv-gvrv-6gf2?

Update to patched version: flowise 3.1.0, flowise-components 3.1.0.

What is the CVSS score for GHSA-9hrv-gvrv-6gf2?

No CVSS score has been assigned yet.

Technical Details

NVD Description

### Summary The attacker provides an intranet address through the base url field configured in the Execute Flow node → Bypass checkDenyList / resolveAndValidate in httpSecurity.ts (not called) → Causes the server to initiate an HTTP request to any internal network address, read cloud metadata, or detect internal network services ### Details <img width="1280" height="860" alt="9a52a74e6fe2fd78e4962d1d68057fc2" src="https://github.com/user-attachments/assets/20df0006-9129-4886-8928-16d19a617c23" /> Then initiate the call: ``` POST /api/v1/prediction/d6739838-d3b3-43d9-86ff-911a3d757a7e HTTP/1.1 Host: 127.0.0.1:3000 Content-Type: application/json Authorization: Bearer apikey Content-Length: 17 {"question": "1"} ``` Server received a request: <img width="1432" height="172" alt="f45c757fec408e13739db068252ff21b" src="https://github.com/user-attachments/assets/d3dfe0f5-83ec-4c79-ab32-754382a68d5f" /> And there is an echo: <img width="1280" height="666" alt="fa0caf0deb306cfeeea8fdf8941a287e" src="https://github.com/user-attachments/assets/55a94d25-120b-4e9c-9517-46c2fc2b667f" /> Fix: Call secureFetch for verification ### Impact This is a Server-Side Request Forgery (SSRF) vulnerability that may lead to the following risks: - Explore Internal Web Applications - Access sensitive management interfaces - Leak internal configuration, credentials, or confidential information This vulnerability significantly increases the risk of internal service enumeration and potential lateral movement in enterprise environments.