pkg:PyPI/agentscope

All known vulnerabilities

• CRITICAL9.8CVE-2024-8502AgentScope Deserialization Vulnerability
  from 0, <= 0.0.6a3
• CRITICAL9.8CVE-2024-48050AgentScope uses `eval`
  from 0, < 0.0.5a1
• CRITICAL9.8CVE-2024-48050AgentScope uses `eval`
  from 0, <= 0.1.0
• CRITICAL9.1AgentScope path traversal vulnerability in save-workflow
  from 0, <= 0.1.1
• CRITICAL9.1AgentScope path traversal vulnerability
  from 0, <= 0.1.1
• HIGH7.5AgentScope Path Traversal in /api/file
  from 0, <= 0.0.4
• HIGH7.5AgentScope directory traversal vulnerability in /read-examples
  from 0, <= 0.0.4
• HIGH7.5AgentScope directory traversal vulnerability in /read-examples
  from 0, <= 0.0.4
• HIGH7.5AgentScope arbitrary file download vulnerability in rpc_agent_client
  from 0, <= 0.0.4
• HIGH7.5AgentScope Path Traversal in /api/file
  from 0, <= 0.0.4
• HIGH7.5AgentScope arbitrary file download vulnerability in rpc_agent_client
  from 0, <= 0.0.4
• HIGH7.5A Local File Inclusion (LFI) vulnerability exists in the /load-workflow endpoint of modelscope/agentscope version v0.0.4.
  from 0, <= 0.0.4
• HIGH7.4AgentScope Cross-Origin Resource Sharing (CORS) vulnerability
  from 0, <= 0.0.4
• HIGH7.4AgentScope Cross-Origin Resource Sharing (CORS) vulnerability
  from 0, <= 0.0.4
• HIGH7.3AgentScope vulnerable to Server-Side Request Forgery
  from 0, <= 1.0.18
• HIGH7.3AgentScope Vulnerable to Remote Code Injection
  from 0, <= 1.0.18
• HIGH7.3AgentScope vulnerable to Server-Side Request Forgery
  from 0, <= 1.0.18
• HIGH7.3AgentScope vulnerable to Server-Side Request Forgery
  from 0, <= 1.0.18
• MEDIUM6.1AgentScope stored cross-site scripting (XSS) vulnerability
  from 0, <= 0.1.1