Submit #593614: TransformerOptimus SuperAGI <=v0.0.14 Path Traversalinfo

TitleTransformerOptimus SuperAGI <=v0.0.14 Path Traversal
DescriptionDue to improper implementation, SuperAGI EmailToolKit does not validate the file names of email attachments, resulting in path traversal when saving.
Source⚠️ https://github.com/TransformerOptimus/SuperAGI/issues/1466
User
 Anonymous User
Submission06/10/2025 04:03 (10 months ago)
Moderation06/19/2025 08:56 (9 days later)
StatusAccepted
VulDB entry313284 [TransformerOptimus SuperAGI up to 0.0.14 EmailToolKit read_email.py download_attachment filename path traversal]
Points15

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!