Filtered by vendor Modelscope
Subscriptions
Filtered by product Agentscope
Subscriptions
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-48050 | 1 Modelscope | 1 Agentscope | 2024-11-06 | 9.8 Critical |
In agentscope <=v0.0.4, the file agentscope\web\workstation\workflow_utils.py has the function is_callable_expression. Within this function, the line result = eval(s) poses a security risk as it can directly execute user-provided commands. |
Page 1 of 1.