AVID-2026-R1645

Description

SSRF Check Bypass in Requests Utility in significant-gravitas/autogpt (CVE-2025-0454)

Details

A Server-Side Request Forgery (SSRF) vulnerability was identified in the Requests utility of significant-gravitas/autogpt versions prior to v0.4.0. The vulnerability arises due to a hostname confusion between the urlparse function from the urllib.parse library and the requests library. A malicious user can exploit this by submitting a specially crafted URL, such as http://localhost:\@google.com/../, to bypass the SSRF check and perform an SSRF attack.

Reason for inclusion in AVID: The CVE describes a server-side request forgery (SSRF) vulnerability in the Requests utility of significant-gravitas/autogpt, an AI system. This is a software vulnerability within an AI framework/tooling stack used to build/run general-purpose AI systems. It affects the software supply chain for AI deployments (e.g., CI/CD, packaging, and runtime) since it resides in the application’s code path and could be exploited during operation. It is not hardware/firmware-only. The report provides explicit vulnerability behavior, affected versions, CVSS details, and references, supporting clear evidence for classification.

References

• NVD entry
• https://huntr.com/bounties/0664fdee-bdc2-4650-8075-74d7b8d3e308
• https://github.com/significant-gravitas/autogpt/commit/ff065cd24c2289878c0abdb9adbf91c305f0d70a

Affected or Relevant Artifacts

• Developer: OpenAI
• Deployer: OpenAI
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2025-03-20
• Version: 0.3.3
• AVID Entry