Lucene search
K

15 matches found

Snyk
Snyk
added 2025/12/04 3:45 p.m.4 views

Directory Traversal

Overview composio-core is a Core package to act as a bridge between composio platform and other services. Affected versions of this package are vulnerable to Directory Traversal via the downloadfileordir function. An attacker can access sensitive files outside the intended directory by supplying...

7.5CVSS7.4AI score0.00822EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2025/12/04 3:45 p.m.5 views

agentic-fleet (>=0.1.6 <=0.4.81), composio (=0.1.1) +37 more potentially affected by CVE-2025-56427 via composio-core (>=0.3.13 <=0.7.21)

composio-core PYPI version =0.3.13, =0.1.6, =0.7.1, =0.3.13, =0.3.17, =0.3.13, =0.3.13, =0.7.1, =0.5.26, =0.3.13, =0.3.13, =0.3.13, =0.3.24, =0.7.15, =0.3.13, =0.7.20 and more Source cves: CVE-2025-56427 Source advisory: SNYK:PYTHON-COMPOSIOCORE-14191990...

7.5CVSS5.7AI score0.00822EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.5 views

agentic-fleet (>=0.1.6 <=0.4.81), composio (=0.1.1) +37 more potentially affected by CVE-2024-8952 via composio-core (>=0.3.13 <=0.7.21)

composio-core PYPI version =0.3.13, =0.1.6, =0.7.1, =0.3.13, =0.3.17, =0.3.13, =0.3.13, =0.7.1, =0.5.26, =0.3.13, =0.3.13, =0.3.13, =0.3.24, =0.7.15, =0.3.13, =0.7.20 and more Source cves: CVE-2024-8952 Source advisory: SNYK:PYTHON-COMPOSIOCORE-9637813...

7.5CVSS6.7AI score0.00671EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.4 views

agentic-fleet (>=0.1.6 <=0.4.81), composio (=0.1.1) +37 more potentially affected by CVE-2024-8955 via composio-core (>=0.3.13 <=0.7.21)

composio-core PYPI version =0.3.13, =0.1.6, =0.7.1, =0.3.13, =0.3.17, =0.3.13, =0.3.13, =0.7.1, =0.5.26, =0.3.13, =0.3.13, =0.3.13, =0.3.24, =0.7.15, =0.3.13, =0.7.20 and more Source cves: CVE-2024-8955 Source advisory: SNYK:PYTHON-COMPOSIOCORE-9637812...

7.5CVSS6.7AI score0.00679EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.8 views

composio-autogen (>=0.3.13 <=0.5.42), composio-camel (>=0.3.17 <=0.5.42) +13 more potentially affected by CVE-2024-8953 via composio-core (>=0.3.13 <=0.5.42)

composio-core PYPI version =0.3.13, =0.3.13, =0.3.17, =0.3.13, =0.3.13, =0.5.26, =0.3.13, =0.3.13, =0.3.13, =0.3.24, =0.3.13, =0.3.13, =0.3.13, =0.4.2, =0.3.24, =0.2.31, =0.2.40 Source cves: CVE-2024-8953 Source advisory: OSV:GHSA-5XG7-5662-8X7J...

9.8CVSS7AI score0.01103EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.4 views

composio-autogen (>=0.3.13 <=0.4.4), composio-camel (>=0.3.17 <=0.4.4) +11 more potentially affected by CVE-2024-8955 via composio-core (>=0.3.13 <=0.4.4)

composio-core PYPI version =0.3.13, =0.3.13, =0.3.17, =0.3.13, =0.3.13, =0.3.13, =0.3.13, =0.3.13, =0.3.24, =0.3.13, =0.3.13, =0.3.13, =0.4.2, =0.3.24, =0.4.4 Source cves: CVE-2024-8955 Source advisory: OSV:GHSA-38MG-WM59-G64X...

7.5CVSS6.6AI score0.00679EPSS
Exploits1
Snyk
Snyk
added 2025/03/20 12:32 p.m.4 views

Server-side Request Forgery (SSRF)

Overview composio-core is a Core package to act as a bridge between composio platform and other services. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF through the /api/actions/execute/WEBTOOLSCRAPEWEBSITECONTENT endpoint. An attacker with high privileges ca...

7.5CVSS6.6AI score0.00671EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.9 views

composio-autogen (>=0.3.13 <=0.5.42), composio-camel (>=0.3.17 <=0.5.42) +13 more potentially affected by CVE-2024-8953 via composio-core (>=0.3.13 <=0.5.42)

composio-core PYPI version =0.3.13, =0.3.13, =0.3.17, =0.3.13, =0.3.13, =0.5.26, =0.3.13, =0.3.13, =0.3.13, =0.3.24, =0.3.13, =0.3.13, =0.3.13, =0.4.2, =0.3.24, =0.2.31, =0.2.40 Source cves: CVE-2024-8953 Source advisory: SNYK:PYTHON-COMPOSIOCORE-9637814...

9.8CVSS7AI score0.01103EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.5 views

composio-autogen (>=0.3.13 <=0.4.2), composio-camel (>=0.3.17 <=0.4.2) +11 more potentially affected by CVE-2024-8952 via composio-core (>=0.3.13 <=0.4.2)

composio-core PYPI version =0.3.13, =0.3.13, =0.3.17, =0.3.13, =0.3.13, =0.3.13, =0.3.13, =0.3.13, =0.3.24, =0.3.13, =0.3.13, =0.3.13, =0.3.24, =0.4.2 Source cves: CVE-2024-8952 Source advisory: OSV:GHSA-QVG9-VP87-H3HR...

7.5CVSS6.6AI score0.00671EPSS
Exploits1
Snyk
Snyk
added 2025/03/20 12:32 p.m.2 views

Improper Neutralization of Data within XPath Expressions ('XPath Injection')

Overview composio-core is a Core package to act as a bridge between composio platform and other services. Affected versions of this package are vulnerable to Improper Neutralization of Data within XPath Expressions 'XPath Injection' via the BROWSERTOOLGOTOPAGE and BROWSERTOOLGETPAGEDETAILS action...

7.5CVSS6.8AI score0.00679EPSS
Exploits1References2
Snyk
Snyk
added 2025/03/20 12:32 p.m.3 views

Dynamic Variable Evaluation

Overview composio-core is a Core package to act as a bridge between composio platform and other services. Affected versions of this package are vulnerable to Dynamic Variable Evaluation through the eval function in the mathematicalcalculator endpoint. An attacker can execute arbitrary code by...

9.8CVSS7.7AI score0.01103EPSS
Exploits1References2
Snyk
Snyk
added 2025/01/08 7:40 p.m.3 views

Arbitrary Command Injection

Overview composio-core is a Core package to act as a bridge between composio platform and other services. Affected versions of this package are vulnerable to Arbitrary Command Injection via the handletoolcalls function due to improper user input sanitization. PoC py from composioopenai import...

8.5CVSS7.4AI score0.00584EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2025/01/08 7:40 p.m.5 views

composio-autogen (>=0.3.13 <=0.6.19), composio-camel (>=0.3.17 <=0.6.19) +16 more potentially affected by CVE-2024-53526 via composio-core (>=0.3.13 <=0.6.2)

composio-core PYPI version =0.3.13, =0.3.13, =0.3.17, =0.3.13, =0.3.13, =0.5.26, =0.3.13, =0.3.13, =0.3.13, =0.3.24, =0.3.13, =0.3.13, =0.3.13, =0.4.2, =0.3.24, =0.0.3, =0.0.7 and more Source cves: CVE-2024-53526 Source advisory: SNYK:PYTHON-COMPOSIOCORE-8605708...

6.4CVSS5.8AI score0.00584EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2024/09/16 2:37 p.m.9 views

composio-autogen (>=0.3.13 <=0.5.52rc2), composio-camel (>=0.3.17 <=0.5.52rc2) +15 more potentially affected by CVE-2024-8865 via composio-core (>=0.3.13 <=0.5.8)

composio-core PYPI version =0.3.13, =0.3.13, =0.3.17, =0.3.13, =0.3.13, =0.5.26, =0.3.13, =0.3.13, =0.3.13, =0.3.24, =0.3.13, =0.3.13, =0.3.13, =0.4.2, =0.3.24, =0.5.43 - gensphere =0.1.9 and more Source cves: CVE-2024-8865 Source advisory: OSV:GHSA-66R2-XM28-74W9...

5.1CVSS5.7AI score0.00863EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2024/09/16 2:37 p.m.8 views

composio-autogen (>=0.3.13 <=0.5.52rc2), composio-camel (>=0.3.17 <=0.5.52rc2) +15 more potentially affected by CVE-2024-8864 via composio-core (>=0.3.13 <=0.5.6)

composio-core PYPI version =0.3.13, =0.3.13, =0.3.17, =0.3.13, =0.3.13, =0.5.26, =0.3.13, =0.3.13, =0.3.13, =0.3.24, =0.3.13, =0.3.13, =0.3.13, =0.4.2, =0.3.24, =0.5.43 - gensphere =0.1.9 and more Source cves: CVE-2024-8864 Source advisory: OSV:GHSA-MRMH-3HQH-PFW7...

8.8CVSS6AI score0.00823EPSS
Exploits1
Rows per page
Query Builder