CNNVD-202602-1419 Information
CNNVD ID
CNNVD-202602-1419
Related CVE
- CNNVD Published: 2026-02-10
Description (Chinese)
AutoGPT是AutoGPT开源的一个工具。用于让每个人都能使用和构建可访问的AI。 AutoGPT 0.6.32之前版本存在安全漏洞,该漏洞源于代码提取块使用的正则表达式存在危险模式,可能导致正则表达式拒绝服务攻击。
Description (English)
AutoGPT is a tool to open AutoGPT. Use this to make it possible for everyone to use and build accessable AI. A security loophole existed in the previous version of AutoGPT 0.6.32, which stemmed from the dangerous pattern of the regular expression used in the code extraction block, which could lead to a regular expression of denial of service attacks.
Vulnerability Type
其他
Affected Vendor
AutoGPT
Published
2026-02-10
Last Modified
2026-02-24
References
https://github.com/Significant-Gravitas/AutoGPT/blob/master/autogpt_platform/backend/backend/blocks/code_extraction_block.py#L106-L109 https://github.com/Significant-Gravitas/AutoGPT/blob/master/autogpt_platform/backend/backend/blocks/code_extraction_block.py#L86-L96 https://github.com/Significant-Gravitas/AutoGPT/commit/57a06f70883ce6be18738c6ae8bb41085c71e266 https://github.com/Significant-Gravitas/AutoGPT/releases/tag/autogpt-platform-beta-v0.6.32 https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-m2wr-7m3r-p52c
Patch
https://github.com/Significant-Gravitas/AutoGPT/releases
Share on: