Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Agno < 2.3.24 field_type Eval Injection Arbitrary Code Execution
Vulnerability Description
Agno versions prior to 2.3.24 contain an arbitrary code execution vulnerability in the model execution component that allows attackers to execute arbitrary Python code by manipulating the field_type parameter passed to eval(). Attackers can influence the field_type value in a FunctionCall to achieve remote code execution.
CVSS Information
N/A
Vulnerability Type
动态执行代码中指令转义处理不恰当(Eval注入)
Vulnerability Title
agno 安全漏洞
Vulnerability Description
agno是Agno开源的一个用于构建具有内存、知识和推理的多智能体系统的全栈框架。 Agno 2.3.24之前版本存在安全漏洞,该漏洞源于模型执行组件中field_type参数处理不当,可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A