Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/03/22 12:44 p.m.14 views

CVE-2024-8952

A Server-Side Request Forgery SSRF vulnerability exists in composiohq/composio version v0.4.2, specifically in the /api/actions/execute/WEBTOOLSCRAPEWEBSITECONTENT endpoint. This vulnerability allows an attacker to read files, access AWS metadata, and interact with local services on the system...

7.5CVSS6.6AI score0.00671EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.5 views

agentic-fleet (>=0.1.6 <=0.4.81), composio (=0.1.1) +37 more potentially affected by CVE-2024-8952 via composio-core (>=0.3.13 <=0.7.21)

composio-core PYPI version =0.3.13, =0.1.6, =0.7.1, =0.3.13, =0.3.17, =0.3.13, =0.3.13, =0.7.1, =0.5.26, =0.3.13, =0.3.13, =0.3.13, =0.3.24, =0.7.15, =0.3.13, =0.7.20 and more Source cves: CVE-2024-8952 Source advisory: SNYK:PYTHON-COMPOSIOCORE-9637813...

7.5CVSS6.7AI score0.00671EPSS
Exploits1
NVD
NVD
added 2025/03/20 10:15 a.m.11 views

CVE-2024-8952

A Server-Side Request Forgery SSRF vulnerability exists in composiohq/composio version v0.4.2, specifically in the /api/actions/execute/WEBTOOLSCRAPEWEBSITECONTENT endpoint. This vulnerability allows an attacker to read files, access AWS metadata, and interact with local services on the system...

7.5CVSS0.00671EPSS
Exploits1References1
OSV
OSV
added 2025/03/20 10:10 a.m.7 views

CVE-2024-8952 SSRF in composiohq/composio

A Server-Side Request Forgery SSRF vulnerability exists in composiohq/composio version v0.4.2, specifically in the /api/actions/execute/WEBTOOLSCRAPEWEBSITECONTENT endpoint. This vulnerability allows an attacker to read files, access AWS metadata, and interact with local services on the system...

6.8CVSS6.7AI score0.00671EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/03/20 10:10 a.m.9 views

CVE-2024-8952 SSRF in composiohq/composio

A Server-Side Request Forgery SSRF vulnerability exists in composiohq/composio version v0.4.2, specifically in the /api/actions/execute/WEBTOOLSCRAPEWEBSITECONTENT endpoint. This vulnerability allows an attacker to read files, access AWS metadata, and interact with local services on the system...

6.8CVSS6.5AI score0.00671EPSS
Exploits1References1
CVE
CVE
added 2025/03/20 10:10 a.m.86 views

CVE-2024-8952

The CVE-2024-8952 SSRF vulnerability affects composiohq/composio v0.4.2 in the /api/actions/execute/WEBTOOL_SCRAPE_WEBSITE_CONTENT endpoint. The issue enables an attacker to read files, access AWS metadata, and interact with local services via crafted requests. Affected component is the endpoint ...

7.5CVSS6.5AI score0.00671EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder