Vulnerabilities > Composio

DATE CVE VULNERABILITY TITLE RISK
2025-03-20 CVE-2024-8952 Unspecified vulnerability in Composio 0.4.2
A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.2, specifically in the /api/actions/execute/WEBTOOL_SCRAPE_WEBSITE_CONTENT endpoint.
network
low complexity
composio
7.5
7.5
2025-03-20 CVE-2024-8953 Improper Control of Dynamically-Managed Code Resources vulnerability in Composio 0.4.3
In composiohq/composio version 0.4.3, the mathematical_calculator endpoint uses the unsafe eval() function to perform mathematical operations.
network
low complexity
composio CWE-913
critical
 9.8
9.8
2025-03-20 CVE-2024-8958 Unspecified vulnerability in Composio 0.4.3
In composiohq/composio version 0.4.3, there is an unrestricted file write and read vulnerability in the filetools actions.
network
low complexity
composio
critical
 9.8
9.8
2024-09-15 CVE-2024-8864 Code Injection vulnerability in Composio
A vulnerability has been found in composiohq composio up to 0.5.6 and classified as critical.
network
low complexity
composio CWE-94
8.8
8.8
2024-09-15 CVE-2024-8865 Path Traversal vulnerability in Composio
A vulnerability was found in composiohq composio up to 0.5.8 and classified as problematic.
network
low complexity
composio CWE-22
4.9
4.9