VYPR
High severityNVD Advisory· Published Mar 20, 2025· Updated Mar 20, 2025

Unsafe eval usage in composiohq/composio

CVE-2024-8953

Description

In composiohq/composio version 0.4.3, the mathematical_calculator endpoint uses the unsafe eval() function to perform mathematical operations. This can lead to arbitrary code execution if untrusted input is passed to the eval() function.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
composio-corePyPI
< 0.5.430.5.43

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.