CH0ico/CVE_choco_smolagent

Releases0

The core issue lies in the trust model of additional_authorized_imports. When a developer authorizes the requests module (a common requirement for web-enabled agents), the sandbox does not enforce any egress filtering or URL validation. An attacker can leverage this to probe internal networks or exfiltrate sensitive data via OOB techniques.

Subscribe above to receive notifications when new versions are released.

	Version	Date	Stability Stability is determined by the version string and my be inaccurate.

Previous Next