Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/03/22 11:23 a.m.23 views

CVE-2024-8953

In composiohq/composio version 0.4.3, the mathematicalcalculator endpoint uses the unsafe eval function to perform mathematical operations. This can lead to arbitrary code execution if untrusted input is passed to the eval function...

9.8CVSS7.8AI score0.01103EPSS
Exploits1References1
OSV
OSV
added 2025/03/20 12:32 p.m.1 views

GHSA-5XG7-5662-8X7J Composio Eval Injection Vulnerability

In composiohq/composio version 0.4.3, the mathematicalcalculator endpoint uses the unsafe eval function to perform mathematical operations. This can lead to arbitrary code execution if untrusted input is passed to the eval function...

7.2CVSS6.4AI score0.01103EPSS
Exploits1References5
Snyk
Snyk
added 2025/03/20 12:32 p.m.2 views

Dynamic Variable Evaluation

Overview composio-core is a Core package to act as a bridge between composio platform and other services. Affected versions of this package are vulnerable to Dynamic Variable Evaluation through the eval function in the mathematicalcalculator endpoint. An attacker can execute arbitrary code by...

9.8CVSS7.7AI score0.01103EPSS
Exploits1References2
NVD
NVD
added 2025/03/20 10:15 a.m.32 views

CVE-2024-8953

In composiohq/composio version 0.4.3, the mathematicalcalculator endpoint uses the unsafe eval function to perform mathematical operations. This can lead to arbitrary code execution if untrusted input is passed to the eval function...

9.8CVSS0.01103EPSS
Exploits1References1
OSV
OSV
added 2025/03/20 10:10 a.m.9 views

CVE-2024-8953 Unsafe eval usage in composiohq/composio

In composiohq/composio version 0.4.3, the mathematicalcalculator endpoint uses the unsafe eval function to perform mathematical operations. This can lead to arbitrary code execution if untrusted input is passed to the eval function...

7.2CVSS7.6AI score0.01103EPSS
Exploits1References3
Rows per page
Query Builder