agnai@1.0.311 vulnerabilities

Agnostic AI Chat

Known vulnerabilities in the agnai package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
L Directory Traversal agnai is an Agnostic AI Chat Affected versions of this package are vulnerable to Directory Traversal through the `loadMessages` handler. An attacker can read arbitrary JSON files located on the server. How to fix Directory Traversal? Upgrade `agnai` to version 1.0.330 or higher.	<1.0.330
L Directory Traversal agnai is an Agnostic AI Chat Affected versions of this package are vulnerable to Directory Traversal through the `editCharacter` and `entityUpload` functions. An attacker can manipulate the path where image files are uploaded, potentially overwriting critical system files. How to fix Directory Traversal? Upgrade `agnai` to version 1.0.330 or higher.	<1.0.330
H Unrestricted Upload of File with Dangerous Type agnai is an Agnostic AI Chat Affected versions of this package are vulnerable to Unrestricted Upload of File with Dangerous Type through the manipulation of file paths and names. An attacker can execute arbitrary code and potentially take full control of the system. How to fix Unrestricted Upload of File with Dangerous Type? Upgrade `agnai` to version 1.0.330 or higher.	<1.0.330