Lucene search
+L

5 matches found

veracode
veracode
added 2025/03/27 2:44 a.m.6 views

Directory Traversal

agentscope is vulnerable to Directory Traversal. The vulnerability is due to improper validation of user-supplied file paths in the /read-examples endpoint, allowing attackers to traverse directories and access arbitrary JSON files...

7.5CVSS7.1AI score0.01211EPSS
Exploits1References4Affected Software1
snyk
snyk
added 2025/03/20 12:32 p.m.3 views

External Control of File Name or Path

Overview agentscope is an AgentScope: A Flexible yet Robust Multi-Agent Platform. Affected versions of this package are vulnerable to External Control of File Name or Path through the /read-examples endpoint. An attacker can read any local JSON file, containing API keys by sending a crafted POST...

8.7CVSS6.5AI score0.01211EPSS
Exploits1References2
pypa
pypa
added 2025/03/20 10:15 a.m.10 views

PYSEC-2025-83

A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint...

7.5CVSS7.2AI score0.01211EPSS
Exploits1References2Affected Software1
osv
osv
added 2025/03/20 10:15 a.m.5 views

PYSEC-2025-83

A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint...

7.5CVSS7.2AI score0.01211EPSS
Exploits1References2
osv
osv
added 2025/03/20 10:15 a.m.3 views

CVE-2024-8524

A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint...

7.5CVSS5.8AI score0.01211EPSS
Exploits1References1
Rows per page
Query Builder