Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
AutoGPT has a DoS vulnerability in ReadRSSFeedBlock
Vulnerability Description
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.32, there is a DoS vulnerability in ReadRSSFeedBlock. In RSSBlock, feedparser.parser is called to obtain the XML file according to the URL input by the user, parse the XML, and finally obtain the parsed result. However, during the parsing process, there is no limit on the parsing time and the resources that can be allocated for parsing. When a malicious user lets RSSBlock parse a carefully constructed, deep XML, it will cause memory resources to be exhausted, eventually causing DoS. This issue has been patched in autogpt-platform-beta-v0.6.32.
CVSS Information
N/A
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
AutoGPT 安全漏洞
Vulnerability Description
AutoGPT是AutoGPT开源的一个工具。用于让每个人都能使用和构建可访问的AI。 AutoGPT autogpt-platform-beta-v0.6.32之前版本存在安全漏洞,该漏洞源于ReadRSSFeedBlock中解析XML时未限制解析时间和可分配的资源,可能导致内存资源耗尽,最终引发拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A