CVE-2024-53526 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

composio >=0.5.40 is vulnerable to Command Execution in composio_openai, composio_claude, and composio_julep via the handle_tool_calls function.
Medium CVSS: 6.4

CVE-2024-53526

composio >=0.5.40 is vulnerable to Command Execution in composio_openai, composio_claude, and composio_julep via the handle_tool_calls function.
Vendor
Composio
Product
Composio
CWE
CWE-77
Yayın Tarihi
2025-01-08 19:15:37
Güncelleme
2025-07-16 00:38:50
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-77 Composio MEDIUM Composio 2025

Referanslar

https://github.com/ComposioHQ/composio/blob/11ee7470aa6543097ee30bb036af8e9726dc7a85/python/plugins/claude/composio_claude/toolset.py#L156 https://github.com/ComposioHQ/composio/blob/11ee7470aa6543097ee30bb036af8e9726dc7a85/python/plugins/julep/composio_julep/toolset.py#L21 https://github.com/ComposioHQ/composio/blob/11ee7470aa6543097ee30bb036af8e9726dc7a85/python/plugins/openai/composio_openai/toolset.py#L184 https://github.com/ComposioHQ/composio/issues/1073