3 matches found
CVE-2024-1880
CVE-2024-1880 concerns the significant-gravitas/autogpt project, where the MacOSTTS component (MacOS Text-To-Speech) in the _speech method uses os.system to run the say command with user-supplied text. This allows OS command injection and potential arbitrary code execution when AutoGPT is run wit...
CVE-2024-1880 OS Command Injection in MacOS Text-To-Speech Class in significant-gravitas/autogpt
An OS command injection vulnerability exists in the MacOS Text-To-Speech class MacOSTTS of the significant-gravitas/autogpt project, affecting versions up to v0.5.0. The vulnerability arises from the improper neutralization of special elements used in an OS command within the speech method of the...
The vulnerability of the artificial intelligence tool AutoGPT arises from the failure to address the issue of eliminating special elements used in the operating system’s command set, allowing a perpetrator to execute arbitrary code.
The vulnerability of the artificial intelligence tool AutoGPT exists due to the failure to address the issue of neutralizing specific elements used in the operating system’s command line. Exploiting this vulnerability allows a hacker to execute arbitrary code when using an instance of AutoGPT wit...