CNNVD-202602-900 Information
CNNVD ID
CNNVD-202602-900
Related CVE
- CNNVD Published: 2026-02-05
Description (Chinese)
AutoGPT是AutoGPT开源的一个工具。用于让每个人都能使用和构建可访问的AI。 AutoGPT autogpt-platform-beta-v0.6.32之前版本存在安全漏洞,该漏洞源于ReadRSSFeedBlock中解析XML时未限制解析时间和可分配的资源,可能导致内存资源耗尽,最终引发拒绝服务。
Description (English)
AutoGPT is a tool to open AutoGPT. Use this to make it possible for everyone to use and build accessable AI. The previous version of AutoGPT autogpt-platform-beta-v0.6.32 had a security loophole, which originated from the fact that the analysis of XML in ReadRSFeedBlock did not limit the time for the resolution and the resources allocated, which could lead to the depletion of memory resources and eventually to the denial of services.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
AutoGPT
Published
2026-02-05
Last Modified
2026-02-24
References
https://github.com/Significant-Gravitas/AutoGPT/commit/57a06f70883ce6be18738c6ae8bb41085c71e266 https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-5cqw-g779-9f9x