| Title | composiohq composio <=0.5.6 Composio's Local tools Mathematical has a code injection |
|---|
| Description | In the Calculator class, there is no restriction on user request inputs, which could allow malicious code to be injected and executed within the eval function |
|---|
| Source | ⚠️ https://rumbling-slice-eb0.notion.site/Composio-s-Local-tools-Mathematical-has-a-code-injection-risk-in-composiohq-composio-ea0e89ee10fe4edfb9a8cfeed158c765?pvs=4 |
|---|
| User | aftersnow (UID 71336) |
|---|
| Submission | 09/05/2024 14:30 (2 years ago) |
|---|
| Moderation | 09/14/2024 07:56 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 277501 [composiohq composio up to 0.5.6 calculator.py Calculator code injection] |
|---|
| Points | 12 |
|---|