4 matches found
CVE-2023-37273
Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. Running Auto-GPT version prior to 0.4.3 by cloning the git repo and executing docker compose run auto-gpt in the repo root uses a different docker-compose.yml file from the one suggested i...
CVE-2023-37273
CVE-2023-37273 affects Auto-GPT prior to 0.4.3. The root cause is a docker-compose.yml in the repo root mounted into the container without write protection, allowing malicious Python code via execute_python_file/execute_python_code to overwrite the file and abuse it to gain control of the host on...
CVE-2023-37273 Docker escape in Auto-GPT when running from docker-compose.yml included in git repo
Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. Running Auto-GPT version prior to 0.4.3 by cloning the git repo and executing docker compose run auto-gpt in the repo root uses a different docker-compose.yml file from the one suggested i...
CVE-2023-37273 Docker escape in Auto-GPT when running from docker-compose.yml included in git repo
Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. Running Auto-GPT version prior to 0.4.3 by cloning the git repo and executing docker compose run auto-gpt in the repo root uses a different docker-compose.yml file from the one suggested i...