CVE-2024-8524 · CVEKit

cve.orgen

219 chars

A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint.

NVDen

219 chars

A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint.

OSV.deven

219 chars

A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint.

GHSAen

219 chars

A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint.

NVDes

243 chars

Existe una vulnerabilidad de directory traversal en modelscope/agentscope versión 0.0.4. Un atacante puede aprovechar esta vulnerabilidad para leer cualquier archivo JSON local enviando una solicitud POST manipulada al endpoint /read-examples.

CVSS metrics across sources

5

Version	Type	Source	Base	Exp	Impact	Vector
3.0	Primary	cve.org	7.5	—	—	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.0	Primary	cve.org	7.5	—	—	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N