Vulnerability Details CVE-2024-8953
In composiohq/composio version 0.4.3, the mathematical_calculator endpoint uses the unsafe eval() function to perform mathematical operations. This can lead to arbitrary code execution if untrusted input is passed to the eval() function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.0%
CVSS Severity
CVSS v3 Score 7.2
References