6 matches found
CVE-2024-8952
A Server-Side Request Forgery SSRF vulnerability exists in composiohq/composio version v0.4.2, specifically in the /api/actions/execute/WEBTOOLSCRAPEWEBSITECONTENT endpoint. This vulnerability allows an attacker to read files, access AWS metadata, and interact with local services on the system...
agentic-fleet (>=0.1.6 <=0.4.81), composio (=0.1.1) +37 more potentially affected by CVE-2024-8952 via composio-core (>=0.3.13 <=0.7.21)
composio-core PYPI version =0.3.13, =0.1.6, =0.7.1, =0.3.13, =0.3.17, =0.3.13, =0.3.13, =0.7.1, =0.5.26, =0.3.13, =0.3.13, =0.3.13, =0.3.24, =0.7.15, =0.3.13, =0.7.20 and more Source cves: CVE-2024-8952 Source advisory: SNYK:PYTHON-COMPOSIOCORE-9637813...
CVE-2024-8952
A Server-Side Request Forgery SSRF vulnerability exists in composiohq/composio version v0.4.2, specifically in the /api/actions/execute/WEBTOOLSCRAPEWEBSITECONTENT endpoint. This vulnerability allows an attacker to read files, access AWS metadata, and interact with local services on the system...
CVE-2024-8952 SSRF in composiohq/composio
A Server-Side Request Forgery SSRF vulnerability exists in composiohq/composio version v0.4.2, specifically in the /api/actions/execute/WEBTOOLSCRAPEWEBSITECONTENT endpoint. This vulnerability allows an attacker to read files, access AWS metadata, and interact with local services on the system...
CVE-2024-8952 SSRF in composiohq/composio
A Server-Side Request Forgery SSRF vulnerability exists in composiohq/composio version v0.4.2, specifically in the /api/actions/execute/WEBTOOLSCRAPEWEBSITECONTENT endpoint. This vulnerability allows an attacker to read files, access AWS metadata, and interact with local services on the system...
CVE-2024-8952
The CVE-2024-8952 SSRF vulnerability affects composiohq/composio v0.4.2 in the /api/actions/execute/WEBTOOL_SCRAPE_WEBSITE_CONTENT endpoint. The issue enables an attacker to read files, access AWS metadata, and interact with local services via crafted requests. Affected component is the endpoint ...