CVE-2024-8156
- EPSS 2.64%
- Published 20.03.2025 10:09:12
- Last modified 15.10.2025 13:15:54
A command injection vulnerability exists in the workflow-checker.yml workflow of significant-gravitas/autogpt. The untrusted user input `github.head.ref` is used insecurely, allowing an attacker to inject arbitrary commands. This vulnerability affect...
CVE-2024-6091
- EPSS 0.18%
- Published 11.09.2024 13:15:03
- Last modified 05.08.2025 15:35:27
A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. The issue arises when the denylist is configured to block specific commands, such as 'whoami' and '/bin/whoami'. An attac...
CVE-2024-1880
- EPSS 0.19%
- Published 06.06.2024 19:15:51
- Last modified 05.08.2025 15:35:27
An OS command injection vulnerability exists in the MacOS Text-To-Speech class MacOSTTS of the significant-gravitas/autogpt project, affecting versions up to v0.5.0. The vulnerability arises from the improper neutralization of special elements used i...
CVE-2024-1881
- EPSS 0.83%
- Published 06.06.2024 19:15:51
- Last modified 05.08.2025 15:35:27
AutoGPT, a component of significant-gravitas/autogpt, is vulnerable to an improper neutralization of special elements used in an OS command ('OS Command Injection') due to a flaw in its shell command validation function. Specifically, the vulnerabili...
CVE-2024-1879
- EPSS 0.41%
- Published 06.06.2024 18:15:12
- Last modified 05.08.2025 15:35:27
A Cross-Site Request Forgery (CSRF) vulnerability in significant-gravitas/autogpt version v0.5.0 allows attackers to execute arbitrary commands on the AutoGPT server. The vulnerability stems from the lack of protections on the API endpoint receiving ...
CVE-2023-37273
- EPSS 0.05%
- Published 13.07.2023 23:15:10
- Last modified 25.02.2026 15:06:10
Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. Running Auto-GPT version prior to 0.4.3 by cloning the git repo and executing `docker compose run auto-gpt` in the repo root uses a different...
CVE-2023-37274
- EPSS 0.06%
- Published 13.07.2023 23:15:10
- Last modified 24.02.2026 19:26:33
Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. When Auto-GPT is executed directly on the host system via the provided run.sh or run.bat files, custom Python code execution is sandboxed usi...
CVE-2023-37275
- EPSS 0.06%
- Published 13.07.2023 23:15:10
- Last modified 24.02.2026 19:26:13
Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. The Auto-GPT command line UI makes heavy use of color-coded print statements to signify different types of system messages to the user, inclu...