5 matches found
CVE-2025-1040
creationtimestamp| type| source ---|---|--- 2025-03-20 12:48:49+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114194836597412892 2025-03-20 13:03:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lksr45lvir2w 2025-03-20 13:13:06+00:00| seen|...
CVE-2025-1040 Server-Side Template Injection (SSTI) in significant-gravitas/autogpt
AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection SSTI that could lead to Remote Code Execution RCE. The vulnerability arises from the improper handling of user-supplied format strings in the AgentOutputBlock implementation, where malicious input is passed to t...
CVE-2025-1040
CVE-2025-1040 : AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection (SSTI) that can lead to Remote Code Execution (RCE). The root cause is improper handling of user-supplied format strings in the AgentOutputBlock, where input is passed to the Jinja2 templating en...
CVE-2025-1040 Server-Side Template Injection (SSTI) in significant-gravitas/autogpt
AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection SSTI that could lead to Remote Code Execution RCE. The vulnerability arises from the improper handling of user-supplied format strings in the AgentOutputBlock implementation, where malicious input is passed to t...
CVE-2025-1040 Server-Side Template Injection (SSTI) in significant-gravitas/autogpt
AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection SSTI that could lead to Remote Code Execution RCE. The vulnerability arises from the improper handling of user-supplied format strings in the AgentOutputBlock implementation, where malicious input is passed to t...