pkg:PyPI/agentscope

All known vulnerabilities

• CRITICAL9.8CVE-2024-8502AgentScope Deserialization Vulnerability
  from 0, <= 0.0.6a3
• CRITICAL9.8CVE-2024-48050AgentScope uses `eval`
  from 0, < 0.0.5a1
• CRITICAL9.8CVE-2024-48050AgentScope uses `eval`
  from 0, <= 0.1.0
• CRITICAL9.1CVE-2024-8551AgentScope path traversal vulnerability in save-workflow
  from 0, <= 0.1.1
• CRITICAL9.1CVE-2024-8537AgentScope path traversal vulnerability
  from 0, <= 0.1.1
• HIGH7.5CVE-2024-8438AgentScope Path Traversal in /api/file
  from 0, <= 0.0.4
• HIGH7.5CVE-2024-8524AgentScope directory traversal vulnerability in /read-examples
  from 0, <= 0.0.4
• HIGH7.5CVE-2024-8524AgentScope directory traversal vulnerability in /read-examples
  from 0, <= 0.0.4
• HIGH7.5CVE-2024-8501AgentScope arbitrary file download vulnerability in rpc_agent_client
  from 0, <= 0.0.4
• HIGH7.5CVE-2024-8438AgentScope Path Traversal in /api/file
  from 0, <= 0.0.4
• HIGH7.5CVE-2024-8501AgentScope arbitrary file download vulnerability in rpc_agent_client
  from 0, <= 0.0.4
• HIGH7.5CVE-2024-8550A Local File Inclusion (LFI) vulnerability exists in the /load-workflow endpoint of modelscope/agentscope version v0.0.4.
  from 0, <= 0.0.4
• HIGH7.4CVE-2024-8487AgentScope Cross-Origin Resource Sharing (CORS) vulnerability
  from 0, <= 0.0.4
• HIGH7.4CVE-2024-8487AgentScope Cross-Origin Resource Sharing (CORS) vulnerability
  from 0, <= 0.0.4
• HIGH7.3CVE-2026-6606AgentScope vulnerable to Server-Side Request Forgery
  from 0, <= 1.0.18
• HIGH7.3CVE-2026-6603AgentScope Vulnerable to Remote Code Injection
  from 0, <= 1.0.18
• HIGH7.3CVE-2026-6605AgentScope vulnerable to Server-Side Request Forgery
  from 0, <= 1.0.18
• HIGH7.3CVE-2026-6604AgentScope vulnerable to Server-Side Request Forgery
  from 0, <= 1.0.18
• MEDIUM6.1CVE-2024-8556AgentScope stored cross-site scripting (XSS) vulnerability
  from 0, <= 0.1.1