ragflow icon indicating copy to clipboard operation
ragflow copied to clipboard
Published 1 week ago verified publisher icon infiniflow

[Bug]: Security vulnerabilities CVE-2024-37371、CVE-2022-41741、CVE-2023-24329...

Open wangwanbin opened this issue 8 months ago • 1 comments

Self Checks

  • [x] I have searched for existing issues search for existing issues, including closed ones.
  • [x] I confirm that I am using English to submit this report (Language Policy).
  • [x] Non-english title submitions will be closed directly ( 非英文标题的提交将会被直接关闭 ) (Language Policy).
  • [x] Please do not modify this template :) and fill in all the required fields.

RAGFlow workspace code commit ID

none

RAGFlow image version

v0.17.2-slim

Other environment information

utbun linux

Actual behavior

Due to the discovery of a security vulnerability, the running service had to be taken down

Image

Expected behavior

Need to upgrade Python to version 3.12.9 and above, upgrade nginx to the latest version (1.26.3), and upgrade MySQL to secure version 8.4.4

Steps to reproduce

Security personnel conduct vulnerability scanning

Additional information

Image

Image

Image

wangwanbin avatar Mar 26 '25 07:03 wangwanbin

+1 MinIO

Ljiangx avatar Dec 04 '25 10:12 Ljiangx