CVE-2024-23750

Published January 22nd, 2024

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

MetaGPT through 0.6.4 allows the QaEngineer role to execute arbitrary code because RunCode.run_script() passes shell metacharacters to subprocess.Popen.

FoundationAgents/MetaGPT

🌟 The Multi-Agent Framework: First AI Software Company, Towards Natural Language Programming

GitHub

68.8K