5 matches found
PT-2026-33711
A security flaw has been discovered in modelscope agentscope up to 1.0.18. This affects the function get bytes from web url of the file src/agentscope/ utils/ common.py of the component Internal Service. Performing a manipulation results in server-side request forgery. It is possible to initiate...
CVE-2026-5973 FoundationAgents MetaGPT common.py get_mime_type os command injection
A vulnerability was found in FoundationAgents MetaGPT up to 0.8.1. Impacted is the function getmimetype of the file metagpt/utils/common.py. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The project was...
Paramiko Unsafe randomness usage may allow access to sensitive information
common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool...
Path Traversal
onionsharecli is vulnerable to path traversal. The vulnerability exists in the common.py as it does not properly validate the access permissions, which allows an attacker to access sensitive information in the user's home folder...
CVE-2008-0299
common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool...