Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Directory Traversal in modelscope/agentscope
Vulnerability Description
A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
AgentScope 安全漏洞
Vulnerability Description
AgentScope是ModelScope开源的一个应用程序。更简单地构建基于 LLM 的多智能体应用。 AgentScope 0.0.4版本存在安全漏洞,该漏洞源于/read-examples端点存在目录遍历,攻击者可以通过发送特制的POST请求读取任意本地JSON文件。
CVSS Information
N/A
Vulnerability Type
N/A