CVE-2025-32437
HighCVSS 8.7Summary
AutoGPT prior to version 0.6.63 has an issue with disk space management as `MediaDurationBlock` downloads and stores video in a temporary directory without deleting it after processing. `StepThroughItemsBlock` allows for multiple iterations of `MediaDurationBlock`, which can lead to disk space exhaustion.
Risk Assessment
A malicious user could exploit this vulnerability to exhaust disk space, leading to a DoS attack that disrupts system functionality.
Recommendation
It is recommended to upgrade to version 0.6.63, which addresses this issue, and to monitor disk space usage to prevent potential attacks.
Original NVD description (English source)
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `MediaDurationBlock` will download and store the video in a temporary directory without deleting before all noded are done. `StepThroughItemsBlock` can be used to iterate `MediaDurationBlock` multiple times. `StepThroughItemsBlock` does not limit the number of loops. In addition, `MediaDurationBlock ` does not limit the amount of disk space consumed in the current working directory and does not delete the video after outputing the result. When a malicious user chooses to screen shot many web pages, the disk space will eventually run out, causing a DoS. Version 0.6.63 patches the issue.

