6 matches found
CVE-2024-53526
composio =0.5.40 is vulnerable to Command Execution in composioopenai, composioclaude, and composiojulep via the handletoolcalls function...
composio-autogen (>=0.3.13 <=0.6.19), composio-camel (>=0.3.17 <=0.6.19) +16 more potentially affected by CVE-2024-53526 via composio-core (>=0.3.13 <=0.6.2)
composio-core PYPI version =0.3.13, =0.3.13, =0.3.17, =0.3.13, =0.3.13, =0.5.26, =0.3.13, =0.3.13, =0.3.13, =0.3.24, =0.3.13, =0.3.13, =0.3.13, =0.4.2, =0.3.24, =0.0.3, =0.0.7 and more Source cves: CVE-2024-53526 Source advisory: SNYK:PYTHON-COMPOSIOCORE-8605708...
CVE-2024-53526
composio =0.5.40 is vulnerable to Command Execution in composioopenai, composioclaude, and composiojulep via the handletoolcalls function...
CVE-2024-53526
composio =0.5.40 is vulnerable to Command Execution in composioopenai, composioclaude, and composiojulep via the handletoolcalls function...
CVE-2024-53526
composio =0.5.40 is vulnerable to Command Execution in composioopenai, composioclaude, and composiojulep via the handletoolcalls function...
CVE-2024-53526
CVE-2024-53526 affects the Composio suite: versions 0.5.40 and later are vulnerable to arbitrary command execution via the handle_tool_calls function in the modules composio_openai, composio_claude, and composio_julep. The root cause is improper input sanitization enabling command injection. Impa...