5 matches found
CVE-2024-8953
In composiohq/composio version 0.4.3, the mathematicalcalculator endpoint uses the unsafe eval function to perform mathematical operations. This can lead to arbitrary code execution if untrusted input is passed to the eval function...
GHSA-5XG7-5662-8X7J Composio Eval Injection Vulnerability
In composiohq/composio version 0.4.3, the mathematicalcalculator endpoint uses the unsafe eval function to perform mathematical operations. This can lead to arbitrary code execution if untrusted input is passed to the eval function...
Dynamic Variable Evaluation
Overview composio-core is a Core package to act as a bridge between composio platform and other services. Affected versions of this package are vulnerable to Dynamic Variable Evaluation through the eval function in the mathematicalcalculator endpoint. An attacker can execute arbitrary code by...
CVE-2024-8953
In composiohq/composio version 0.4.3, the mathematicalcalculator endpoint uses the unsafe eval function to perform mathematical operations. This can lead to arbitrary code execution if untrusted input is passed to the eval function...
CVE-2024-8953 Unsafe eval usage in composiohq/composio
In composiohq/composio version 0.4.3, the mathematicalcalculator endpoint uses the unsafe eval function to perform mathematical operations. This can lead to arbitrary code execution if untrusted input is passed to the eval function...