Autogpt Security Vulnerabilities and Issues — Autogpt CVE List

Lucene search

AgptAutogpt

3 matches found

CVE•added 2024/06/06 6:15 p.m.•68 views

CVE-2024-1879

A Cross-Site Request Forgery (CSRF) vulnerability in significant-gravitas/autogpt version v0.5.0 allows attackers to execute arbitrary commands on the AutoGPT server. The vulnerability stems from the lack of protections on the API endpoint receiving instructions, enabling an attacker to direct a us...

8.8CVSS8.9AI score0.00388EPSS

CVE•added 2024/06/06 7:15 p.m.•62 views

CVE-2024-1881

AutoGPT, a component of significant-gravitas/autogpt, is vulnerable to an improper neutralization of special elements used in an OS command ('OS Command Injection') due to a flaw in its shell command validation function. Specifically, the vulnerability exists in versions v0.5.0 up to but not includ...

9.8CVSS9.1AI score0.00611EPSS

CVE•added 2024/06/06 7:15 p.m.•50 views

CVE-2024-1880

An OS command injection vulnerability exists in the MacOS Text-To-Speech class MacOSTTS of the significant-gravitas/autogpt project, affecting versions up to v0.5.0. The vulnerability arises from the improper neutralization of special elements used in an OS command within the _speech method of the ...

7.8CVSS7.9AI score0.00174EPSS