agentUniverse 命令注入漏洞

agentUniverse is agentuniverse-ai open source an LLM multi-agent framework that allows developers to easily build multi-agent applications. A command injection vulnerability exists in agentUniverse 0.0.18 and earlier versions, which stems from misuse of the function StdioServerParameters in the...

PT-2025-32308 · Unknown · Agentuniverse

Name of the Vulnerable Software and Affected Versions: agentUniverse versions up to 0.0.18 Description: A critical issue exists in agentUniverse that allows for remote OS command injection. The issue affects the StdioServerParameters function within the MCPSessionManager/MCPTool/MCPToolkit...

CVE-2019-14959 affecting package toolbox 0.0.18-9

CVE-2019-14959 affecting package toolbox 0.0.18-9. This CVE either no longer is or was never applicable...

CVE-2020-25207 affecting package toolbox 0.0.18-9

CVE-2020-25207 affecting package toolbox 0.0.18-9. This CVE either no longer is or was never applicable...

CVE-2020-25013 affecting package toolbox 0.0.18-9

CVE-2020-25013 affecting package toolbox 0.0.18-9. This CVE either no longer is or was never applicable...

CVE-2019-18368 affecting package toolbox 0.0.18-9

CVE-2019-18368 affecting package toolbox 0.0.18-9. This CVE either no longer is or was never applicable...

Allocation of Resources Without Limits or Throttling

Overview python-multipart is an A streaming multipart parser for Python Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the multipart/form-data, when line breaks: CR \r or LF \n in front of the first boundary and any tailing bytes...

DEBIAN-CVE-2024-53981

python-multipart is a streaming multipart parser for Python. When parsing form data, python-multipart skips line breaks CR \r or LF \n in front of the first boundary and any tailing bytes after the last boundary. This happens one byte at a time and emits a log event each time, which may cause...

CVE-2024-53981 python-multipart has a Denial of service (DoS) via deformation `multipart/form-data` boundary

python-multipart is a streaming multipart parser for Python. When parsing form data, python-multipart skips line breaks CR \r or LF \n in front of the first boundary and any tailing bytes after the last boundary. This happens one byte at a time and emits a log event each time, which may cause...

CVE-2024-53981

python-multipart is a streaming multipart parser for Python. When parsing form data, python-multipart skips line breaks CR \r or LF \n in front of the first boundary and any tailing bytes after the last boundary. This happens one byte at a time and emits a log event each time, which may cause...

python-multipart 安全漏洞

python-multipart is a streaming multipart parser for Python by the individual developer Marcelo Trylesinski. A security vulnerability exists in python-multipart versions prior to 0.0.18, which stems from improper handling of content before and after boundaries and excessive logging when processin...

PT-2024-35993

Name of the Vulnerable Software and Affected Versions: python-multipart versions prior to 0.0.18 Description: The issue arises when parsing form data, as python-multipart skips line breaks in front of the first boundary and any tailing bytes after the last boundary, one byte at a time, emitting a...

PT-2024-31868 · Scheduler · Scheduler

Name of the Vulnerable Software and Affected Versions: scheduleR version 0.0.18 Description: A host header injection vulnerability allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This enables attackers to arbitrarily reset other users'...