tiny-scientist@0.0.1 vulnerabilities

A lightweight framework for building research agents

latest version

0.1.1

first published

4 months ago

latest version published

1 months ago

licenses detected

Apache-2.0
[0,)

View tiny-scientist package health on Snyk Advisor (opens in a new tab)

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the tiny-scientist package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Directory Traversal tiny-scientist is an A lightweight framework for building research agents Affected versions of this package are vulnerable to Directory Traversal via the `review_paper` function in the `backend/app.py` file. An attacker can access arbitrary PDF files on the server by supplying crafted file paths that bypass intended security restrictions. How to fix Directory Traversal? There is no fixed version for `tiny-scientist`.	[0,)

Directory Traversal

tiny-scientist is an A lightweight framework for building research agents

Affected versions of this package are vulnerable to Directory Traversal via the review_paper function in the backend/app.py file. An attacker can access arbitrary PDF files on the server by supplying crafted file paths that bypass intended security restrictions.

How to fix Directory Traversal?

There is no fixed version for tiny-scientist.

[0,)

Go back to all versions of this package