chore(deps): update dependency litellm to v1.61.15 #1

Security Report

❗️Scan Incomplete: The scan completed with partial failure. The integration encountered issues with one or more projects in this repository, preventing their scan. The errors occurred in the following package managers: gradle,CocoaPods. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.

Scan Details Report

gradle

/tmp/ws-scm/AutoGPT/classic/frontend/android/build.gradle

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	failed running mend init script (mendDeps): NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED FAILURE: Build failed with an exception. * Where: Settings file '/tmp/ws-scm/AutoGPT/classic/frontend/android/settings.gradle' line: 6 * What went wrong: A problem occurred evaluating settings 'andro...

pip

/tmp/ws-scm/AutoGPT/classic/benchmark/agbenchmark/challenges/verticals/code/6_battleship/artifacts_in/product_requirements.txt

Step	Level	Description	Details
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: /tmp/ws-ua_20260410154312_EULOVP/cmd_CRASQZ/20260410154330/LOOTRD_script.sh Error lines: [ERROR: Invalid requirement: 'Specifications for Battleship': Expected semicolon (after name with no version specifier) or end, Specifications for Battleship, ^ (from line 1 of /tmp/ws-scm/AutoGPT/classic/benchmark/agbenchmark/challenges/verticals/co... pip install command failed, trying to install dependencies one by one Failed to parse the following dependencies: [Players take turns calling out a row and column, attempting to name a square containing one of the opponent's ships., The Grid: Each player's grid is a 10x10 grid, identified by rows (using numbers 1-10) and columns (using letters A-J)., Each ship occupies contiguous squares on the grid, arranged either horizontally or vertically., At the start of t... Failed to execute command: /tmp/ws-ua_20260410154312_EULOVP/cmd_CRASQZ/20260410154331/TJQFCR_script.sh* Error lines: [ERROR: Could not find a version that satisfies the requirement Specifications (from versions: none), ERROR: No matching distribution found for Specifications] Output lines: [Looking in links: /tmp/ws-ua_20260410154312_EULOVP/python_JPNSZW/20260410154314/1] Failed to get hierarchy tree, trying to collect a flat list (which may only contain partial results)

/tmp/ws-scm/AutoGPT/classic/original_autogpt

Step	Level	Description	Details
Resolving the project	⚠Warn	Issue parsing of one or more of the files	Failed to identify some GitHub dependencies in file: /tmp/ws-scm/AutoGPT/classic/original_autogpt. The following lines could not be parsed: Processing ./. Installing build dependencies: started Installing build dependencies: finished with status 'done' Getting requirements to build wheel: started Getting requirements to build wheel: finished with status 'done' P...
Resolving the project	⚠Warn	Issue parsing of one or more of the files	Failed to resolve the following dependencies: [agpt-0.5.0, AutoGPT-Forge-0.2.0, en-core-web-sm-3.7.1] from /tmp/ws-scm/AutoGPT/classic/original_autogpt file.

/tmp/ws-scm/AutoGPT/classic/original_autogpt/autogpt/app

Step	Level	Description	Details
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: /tmp/ws-ua_20260410154312_EULOVP/cmd_CRASQZ/20260410154508/QORDSJ_script.sh Error lines: [ error: subprocess-exited-with-error, Ã� Getting requirements to build wheel did not run successfully., â�� exit code: 1, â�°â��> [17 lines of output], Traceback (most recent call last):, File "/tmp/ws-ua_20260410154312_EULOVP/python_JPNSZW/2026041015... Failed to get hierarchy tree, trying to collect a flat list (which may only contain partial results)

poetry

/tmp/ws-scm/AutoGPT/classic/forge/pyproject.toml

Step	Level	Description	Details
Resolving the project	⚠Warn	Failed to build the dependency tree, fallback was used in the scan, results may be incomplete	Error occurred while parsing the poetry show --tree command on the /tmp/ws-scm/AutoGPT/classic/forge/pyproject.toml file

/tmp/ws-scm/AutoGPT/classic/original_autogpt/pyproject.toml

Step	Level	Description	Details
Resolving the project	⚠Warn	Failed to build the dependency tree, fallback was used in the scan, results may be incomplete	Error occurred while parsing the poetry show --tree command on the /tmp/ws-scm/AutoGPT/classic/original_autogpt/pyproject.toml file

You have successfully remediated 21 vulnerabilities, but introduced 28 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability	Severity	CVSS Score	Vulnerable Library	Direct Library	Suggested Fix	Issue
CVE-2025-69223 Path to dependency file: /autogpt_platform/backend/.ws-temp-BEQUFP-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-platform-backend--YkgNmTR-py3.10/lib/python3.10/site-packages/aiohttp-3.10.8.dist-info Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	autogpt-libs-0.2.0		None
CVE-2025-69223 Path to dependency file: /classic/benchmark/.ws-temp-URTOVL-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agbenchmark-gctv3_E3-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info,/tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agpt-cm9iHxbr-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info Dependency Hierarchy: -> agbenchmark-0.0.10-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	agbenchmark-0.0.10-py3-none-any.whl		None
CVE-2025-69223 Path to dependency file: /classic/forge/.ws-temp-QDQBDM-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-forge-Eq_saOJk-py3.10/lib/python3.10/site-packages/aiohttp-3.10.5.dist-info,/tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-libs-BFR2WaoL-py3.10/lib/python3.10/site-packages/aiohttp-3.10.5.dist-info Dependency Hierarchy: -> ❌ aiohttp-3.10.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	High	7.5	`Direct` aiohttp-3.10.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	aiohttp-3.10.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl		None
CVE-2025-69223 Path to dependency file: /autogpt_platform/backend/.ws-temp-BEQUFP-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-platform-backend--YkgNmTR-py3.10/lib/python3.10/site-packages/aiohttp-3.10.8.dist-info Dependency Hierarchy: -> supabase-2.7.4-py3-none-any.whl (Root Library) -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	supabase-2.7.4-py3-none-any.whl		None
CVE-2025-69223 Path to dependency file: /classic/benchmark/.ws-temp-URTOVL-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agbenchmark-gctv3_E3-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info,/tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agpt-cm9iHxbr-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info Dependency Hierarchy: -> agent_protocol_client-1.1.0-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	agent_protocol_client-1.1.0-py3-none-any.whl		None
CVE-2025-67221 Path to dependency file: /classic/original_autogpt/.ws-temp-YHAYKK-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agpt-cm9iHxbr-py3.10/lib/python3.10/site-packages/orjson-3.10.5.dist-info,/tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-forge-Eq_saOJk-py3.10/lib/python3.10/site-packages/orjson-3.10.5.dist-info Dependency Hierarchy: -> ❌ orjson-3.10.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	High	7.5	`Direct` orjson-3.10.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	orjson-3.10.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl		None
CVE-2024-52303 Path to dependency file: /autogpt_platform/backend/.ws-temp-BEQUFP-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-platform-backend--YkgNmTR-py3.10/lib/python3.10/site-packages/aiohttp-3.10.8.dist-info Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	autogpt-libs-0.2.0	`Transitive` aiohttp - 3.10.11	None
CVE-2024-52303 Path to dependency file: /autogpt_platform/backend/.ws-temp-BEQUFP-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-platform-backend--YkgNmTR-py3.10/lib/python3.10/site-packages/aiohttp-3.10.8.dist-info Dependency Hierarchy: -> supabase-2.7.4-py3-none-any.whl (Root Library) -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	supabase-2.7.4-py3-none-any.whl	`Transitive` aiohttp - 3.10.11	None
CVE-2025-69224 Path to dependency file: /autogpt_platform/backend/.ws-temp-BEQUFP-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-platform-backend--YkgNmTR-py3.10/lib/python3.10/site-packages/aiohttp-3.10.8.dist-info Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	6.5	`Transitive` aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	autogpt-libs-0.2.0		None
CVE-2025-69224 Path to dependency file: /classic/benchmark/.ws-temp-URTOVL-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agbenchmark-gctv3_E3-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info,/tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agpt-cm9iHxbr-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info Dependency Hierarchy: -> agbenchmark-0.0.10-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	6.5	`Transitive` aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	agbenchmark-0.0.10-py3-none-any.whl		None
CVE-2025-69224 Path to dependency file: /classic/forge/.ws-temp-QDQBDM-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-forge-Eq_saOJk-py3.10/lib/python3.10/site-packages/aiohttp-3.10.5.dist-info,/tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-libs-BFR2WaoL-py3.10/lib/python3.10/site-packages/aiohttp-3.10.5.dist-info Dependency Hierarchy: -> ❌ aiohttp-3.10.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	6.5	`Direct` aiohttp-3.10.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	aiohttp-3.10.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl		None
CVE-2025-69224 Path to dependency file: /autogpt_platform/backend/.ws-temp-BEQUFP-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-platform-backend--YkgNmTR-py3.10/lib/python3.10/site-packages/aiohttp-3.10.8.dist-info Dependency Hierarchy: -> supabase-2.7.4-py3-none-any.whl (Root Library) -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	6.5	`Transitive` aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	supabase-2.7.4-py3-none-any.whl		None
CVE-2025-69224 Path to dependency file: /classic/benchmark/.ws-temp-URTOVL-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agbenchmark-gctv3_E3-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info,/tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agpt-cm9iHxbr-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info Dependency Hierarchy: -> agent_protocol_client-1.1.0-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	6.5	`Transitive` aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	agent_protocol_client-1.1.0-py3-none-any.whl		None
CVE-2025-69226 Path to dependency file: /autogpt_platform/backend/.ws-temp-BEQUFP-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-platform-backend--YkgNmTR-py3.10/lib/python3.10/site-packages/aiohttp-3.10.8.dist-info Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	autogpt-libs-0.2.0		None
CVE-2025-69226 Path to dependency file: /classic/benchmark/.ws-temp-URTOVL-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agbenchmark-gctv3_E3-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info,/tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agpt-cm9iHxbr-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info Dependency Hierarchy: -> agbenchmark-0.0.10-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	agbenchmark-0.0.10-py3-none-any.whl		None
CVE-2025-69226 Path to dependency file: /classic/forge/.ws-temp-QDQBDM-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-forge-Eq_saOJk-py3.10/lib/python3.10/site-packages/aiohttp-3.10.5.dist-info,/tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-libs-BFR2WaoL-py3.10/lib/python3.10/site-packages/aiohttp-3.10.5.dist-info Dependency Hierarchy: -> ❌ aiohttp-3.10.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	`Direct` aiohttp-3.10.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	aiohttp-3.10.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl		None
CVE-2025-69226 Path to dependency file: /autogpt_platform/backend/.ws-temp-BEQUFP-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-platform-backend--YkgNmTR-py3.10/lib/python3.10/site-packages/aiohttp-3.10.8.dist-info Dependency Hierarchy: -> supabase-2.7.4-py3-none-any.whl (Root Library) -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	supabase-2.7.4-py3-none-any.whl		None
CVE-2025-69226 Path to dependency file: /classic/benchmark/.ws-temp-URTOVL-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agbenchmark-gctv3_E3-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info,/tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agpt-cm9iHxbr-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info Dependency Hierarchy: -> agent_protocol_client-1.1.0-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	agent_protocol_client-1.1.0-py3-none-any.whl		None
CVE-2025-53643 Path to dependency file: /autogpt_platform/backend/.ws-temp-BEQUFP-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-platform-backend--YkgNmTR-py3.10/lib/python3.10/site-packages/aiohttp-3.10.8.dist-info Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	autogpt-libs-0.2.0	`Transitive` 3.12.14	None
CVE-2025-53643 Path to dependency file: /classic/benchmark/.ws-temp-URTOVL-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agbenchmark-gctv3_E3-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info,/tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agpt-cm9iHxbr-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info Dependency Hierarchy: -> agbenchmark-0.0.10-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	agbenchmark-0.0.10-py3-none-any.whl	`Transitive` 3.12.14	None
CVE-2025-53643 Path to dependency file: /classic/forge/.ws-temp-QDQBDM-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-forge-Eq_saOJk-py3.10/lib/python3.10/site-packages/aiohttp-3.10.5.dist-info,/tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-libs-BFR2WaoL-py3.10/lib/python3.10/site-packages/aiohttp-3.10.5.dist-info Dependency Hierarchy: -> ❌ aiohttp-3.10.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	`Direct` aiohttp-3.10.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	aiohttp-3.10.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	3.12.14	None
CVE-2025-53643 Path to dependency file: /autogpt_platform/backend/.ws-temp-BEQUFP-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-platform-backend--YkgNmTR-py3.10/lib/python3.10/site-packages/aiohttp-3.10.8.dist-info Dependency Hierarchy: -> supabase-2.7.4-py3-none-any.whl (Root Library) -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	supabase-2.7.4-py3-none-any.whl	`Transitive` 3.12.14	None
CVE-2025-53643 Path to dependency file: /classic/benchmark/.ws-temp-URTOVL-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agbenchmark-gctv3_E3-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info,/tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agpt-cm9iHxbr-py3.10/lib/python3.10/site-packages/aiohttp-3.9.3.dist-info Dependency Hierarchy: -> agent_protocol_client-1.1.0-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	agent_protocol_client-1.1.0-py3-none-any.whl	`Transitive` 3.12.14	None
CVE-2024-52304 Path to dependency file: /autogpt_platform/backend/.ws-temp-BEQUFP-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-platform-backend--YkgNmTR-py3.10/lib/python3.10/site-packages/aiohttp-3.10.8.dist-info Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	autogpt-libs-0.2.0	`Transitive` aiohttp - 3.10.11	None
CVE-2024-52304 Path to dependency file: /autogpt_platform/backend/.ws-temp-BEQUFP-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-platform-backend--YkgNmTR-py3.10/lib/python3.10/site-packages/aiohttp-3.10.8.dist-info Dependency Hierarchy: -> supabase-2.7.4-py3-none-any.whl (Root Library) -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.10.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	supabase-2.7.4-py3-none-any.whl	`Transitive` aiohttp - 3.10.11	None
CVE-2024-40647 Path to dependency file: /classic/original_autogpt Path to vulnerable library: /tmp/ws-ua_20260410154312_EULOVP/python_JPNSZW/20260410154314/sentry_sdk-1.45.1-py2.py3-none-any.whl Dependency Hierarchy: -> ❌ sentry_sdk-1.45.1-py2.py3-none-any.whl (Vulnerable Library)	Medium	5.3	`Direct` sentry_sdk-1.45.1-py2.py3-none-any.whl	sentry_sdk-1.45.1-py2.py3-none-any.whl	sentry-sdk - 2.8.0	None
CVE-2021-33430 Path to dependency file: /classic/benchmark/.ws-temp-URTOVL-requirements.txt Path to vulnerable library: /tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agbenchmark-gctv3_E3-py3.10/lib/python3.10/site-packages/numpy-1.26.3.dist-info,/tmp/containerbase/cache/.cache/pypoetry/virtualenvs/agpt-cm9iHxbr-py3.10/lib/python3.10/site-packages/numpy-1.26.3.dist-info,/tmp/containerbase/cache/.cache/pypoetry/virtualenvs/autogpt-forge-Eq_saOJk-py3.10/lib/python3.10/site-packages/numpy-1.26.3.dist-info Dependency Hierarchy: -> ❌ numpy-1.26.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	`Direct` numpy-1.26.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	numpy-1.26.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl		None
CVE-2021-33430 Path to dependency file: /docs/requirements.txt Path to vulnerable library: /tmp/ws-ua_20260410154312_EULOVP/python_JPNSZW/202604101545111/env/lib/python3.10/site-packages/numpy-2.2.6.dist-info Dependency Hierarchy: -> mkdocs_table_reader_plugin-3.1.0-py3-none-any.whl (Root Library) -> pandas-2.3.3-cp310-cp310-manylinux_2_24_x86_64.manylinux_2_28_x86_64.whl -> ❌ numpy-2.2.6-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	`Transitive` numpy-2.2.6-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	mkdocs_table_reader_plugin-3.1.0-py3-none-any.whl		None

✔️ Remediated vulnerabilities:

Vulnerability	Vulnerable Library
CVE-2025-47273	setuptools-69.0.3-py3-none-any.whl
CVE-2025-69224	aiohttp-3.10.8-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-53643	aiohttp-3.10.5-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-69226	aiohttp-3.10.5-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2024-10188	litellm-1.17.9-py3-none-any.whl
CVE-2025-69223	aiohttp-3.10.5-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-0628	litellm-1.17.9-py3-none-any.whl
CVE-2025-69226	aiohttp-3.10.8-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-69224	aiohttp-3.10.5-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-69223	aiohttp-3.9.3-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2021-33430	numpy-1.26.3-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-67221	orjson-3.10.5-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2024-52304	aiohttp-3.10.8-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2021-33430	numpy-2.0.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-69226	aiohttp-3.9.3-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-53643	aiohttp-3.9.3-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2024-52303	aiohttp-3.10.8-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-69224	aiohttp-3.9.3-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-47273	setuptools-70.1.1-py3-none-any.whl
CVE-2025-69223	aiohttp-3.10.8-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-53643	aiohttp-3.10.8-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl

Base branch total remaining vulnerabilities: 91
Base branch commit: b74c8d4152d600b0a70b423a8ee2d3fcd7737272

Total libraries scanned: 1091

Scan token: d7969135365f4e3a88585ff0d9bc0f96

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update dependency litellm to v1.61.15 #1

Uh oh!

Uh oh!

chore(deps): update dependency litellm to v1.61.15 #1

Uh oh!

Security Report

gradle

/tmp/ws-scm/AutoGPT/classic/frontend/android/build.gradle

pip

/tmp/ws-scm/AutoGPT/classic/benchmark/agbenchmark/challenges/verticals/code/6_battleship/artifacts_in/product_requirements.txt

/tmp/ws-scm/AutoGPT/classic/original_autogpt

/tmp/ws-scm/AutoGPT/classic/original_autogpt/autogpt/app

poetry

/tmp/ws-scm/AutoGPT/classic/forge/pyproject.toml

/tmp/ws-scm/AutoGPT/classic/original_autogpt/pyproject.toml

Re-running checks...

chore(deps): update dependency litellm to v1.61.15 #1

Are you sure you want to change the base?

Uh oh!