Agpt Autogpt_classic
8 CVEs affecting Agpt Autogpt_classic. Latest disclosed: 2025-03-20. Critical: 3, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-8156 | Critical | 9.8 | 2025-03-20 | A command injection vulnerability exists in the workflow-checker.yml workflow of significant-gravitas/autogpt. The untrusted user input `github.head.ref` is us… |
CVE-2024-6091 | Critical | 9.8 | 2024-09-11 | A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. The issue arises when the deny… |
CVE-2024-1881 | Critical | 9.8 | 2024-06-06 | AutoGPT, a component of significant-gravitas/autogpt, is vulnerable to an improper neutralization of special elements used in an OS command ('OS Command Inject… |
CVE-2024-1879 | High | 8.8 | 2024-06-06 | A Cross-Site Request Forgery (CSRF) vulnerability in significant-gravitas/autogpt version v0.5.0 allows attackers to execute arbitrary commands on the AutoGPT… |
CVE-2023-37273 | High | 8.1 | 2023-07-13 | Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. Running Auto-GPT version prior to 0.4.3 by cloning… |
CVE-2024-1880 | High | 7.8 | 2024-06-06 | An OS command injection vulnerability exists in the MacOS Text-To-Speech class MacOSTTS of the significant-gravitas/autogpt project, affecting versions up to v… |
CVE-2023-37274 | High | 7.5 | 2023-07-13 | Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. When Auto-GPT is executed directly on the host sys… |
CVE-2023-37275 | Low | 3.1 | 2023-07-13 | Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. The Auto-GPT command line UI makes heavy use of co… |