3 matches found
EUVD-2024-17605
Malicious code in bioql PyPI...
CVE-2024-1880 OS Command Injection in MacOS Text-To-Speech Class in significant-gravitas/autogpt
An OS command injection vulnerability exists in the MacOS Text-To-Speech class MacOSTTS of the significant-gravitas/autogpt project, affecting versions up to v0.5.0. The vulnerability arises from the improper neutralization of special elements used in an OS command within the speech method of the...
CVE-2024-1880
CVE-2024-1880 concerns the significant-gravitas/autogpt project, where the MacOSTTS component (MacOS Text-To-Speech) in the _speech method uses os.system to run the say command with user-supplied text. This allows OS command injection and potential arbitrary code execution when AutoGPT is run wit...