Homepage

agnai@0.1.0-alpha-20 vulnerabilities

Agnostic AI Chat

  • latest version

    1.0.429

  • latest non vulnerable version

    1.0.429

  • first published

    2 years ago

  • latest version published

    11 hours ago

  • licenses detected

  • View agnai package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the agnai package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • L
    Directory Traversal

    agnai is an Agnostic AI Chat

    Affected versions of this package are vulnerable to Directory Traversal through the loadMessages handler. An attacker can read arbitrary JSON files located on the server.

    How to fix Directory Traversal?

    Upgrade agnai to version 1.0.330 or higher.

    <1.0.330
    • L
    Directory Traversal

    agnai is an Agnostic AI Chat

    Affected versions of this package are vulnerable to Directory Traversal through the editCharacter and entityUpload functions. An attacker can manipulate the path where image files are uploaded, potentially overwriting critical system files.

    How to fix Directory Traversal?

    Upgrade agnai to version 1.0.330 or higher.

    <1.0.330
    • H
    Unrestricted Upload of File with Dangerous Type

    agnai is an Agnostic AI Chat

    Affected versions of this package are vulnerable to Unrestricted Upload of File with Dangerous Type through the manipulation of file paths and names. An attacker can execute arbitrary code and potentially take full control of the system.

    How to fix Unrestricted Upload of File with Dangerous Type?

    Upgrade agnai to version 1.0.330 or higher.

    <1.0.330
    Go back to all versions of this package