Filtered by vendor Composiohq
Subscriptions
Filtered by product Composio
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-56427 | 1 Composiohq | 1 Composio | 2025-12-05 | 7.5 High |
| Directory Traversal vulnerability in ComposioHQ v.0.7.20 allows a remote attacker to obtain sensitive information via the _download_file_or_dir function. | ||||
| CVE-2024-8955 | 2 Composio, Composiohq | 2 Composio, Composio | 2025-10-15 | 7.5 High |
| A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.4. This vulnerability allows an attacker to read the contents of any file in the system by exploiting the BROWSERTOOL_GOTO_PAGE and BROWSERTOOL_GET_PAGE_DETAILS actions. | ||||
| CVE-2024-8865 | 2 Composio, Composiohq | 2 Composio, Composio | 2024-09-17 | 3.5 Low |
| A vulnerability was found in composiohq composio up to 0.5.8 and classified as problematic. Affected by this issue is the function path of the file composio\server\api.py. The manipulation of the argument file leads to path traversal. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-8864 | 2 Composio, Composiohq | 2 Composio, Composio | 2024-09-17 | 5.5 Medium |
| A vulnerability has been found in composiohq composio up to 0.5.6 and classified as critical. Affected by this vulnerability is the function Calculator of the file python/composio/tools/local/mathematical/actions/calculator.py. The manipulation leads to code injection. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
Page 1 of 1.