gpt-pilot@0.0.10

GPT Pilot - an AI developer that works with you to build complex projects

latest version

0.0.10

first published

2 years ago

latest version published

2 years ago

licenses detected

MIT
[0,)

View gpt-pilot package health on Snyk (opens in a new tab)

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the gpt-pilot package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Command Injection gpt-pilot is a GPT Pilot - an AI developer that works with you to build complex projects Affected versions of this package are vulnerable to Command Injection via the `Executor.run()` function. An attacker can execute arbitrary shell commands by supplying crafted input that is passed directly to `asyncio.create_subprocess_shell` without validation. How to fix Command Injection? There is no fixed version for `gpt-pilot`.	[0,)

Command Injection

gpt-pilot is a GPT Pilot - an AI developer that works with you to build complex projects

Affected versions of this package are vulnerable to Command Injection via the Executor.run() function. An attacker can execute arbitrary shell commands by supplying crafted input that is passed directly to asyncio.create_subprocess_shell without validation.

How to fix Command Injection?

There is no fixed version for gpt-pilot.

[0,)

Go back to all versions of this package