3 matches found
GHSA-8JF4-FCJR-68C2 Upsonic is vulnerable to Path Traversal attack through its os.path.join function
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerability affects the function os.path.join of the file markdown/server.py. The manipulation of the argument file.filename leads to path traversal. The exploit has been disclosed to the public and may be used...
Upsonic 代码问题漏洞
Upsonic is an AI agent framework open-sourced by Upsonic. A code issue vulnerability exists in Upsonic 0.55.6 and earlier versions, which stems from deserialization of the file /tools/addtool function cloudpickle.loads in the component Pickle Handler...
Upsonic 路径遍历漏洞
Upsonic is an AI agent framework open-sourced by Upsonic. Upsonic 0.55.6 and earlier versions have a path traversal vulnerability, the vulnerability stems from a path traversal in the function os.path.join in the file markdown/server.py...