{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-53526", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-01-08T19:00:11.841158", "dateReserved": "2024-11-20T00:00:00", "datePublished": "2025-01-08T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-01-08T19:00:11.841158"}, "descriptions": [{"lang": "en", "value": "composio >=0.5.40 is vulnerable to Command Execution in composio_openai, composio_claude, and composio_julep via the handle_tool_calls function."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/ComposioHQ/composio/blob/11ee7470aa6543097ee30bb036af8e9726dc7a85/python/plugins/openai/composio_openai/toolset.py#L184"}, {"url": "https://github.com/ComposioHQ/composio/blob/11ee7470aa6543097ee30bb036af8e9726dc7a85/python/plugins/claude/composio_claude/toolset.py#L156"}, {"url": "https://github.com/ComposioHQ/composio/blob/11ee7470aa6543097ee30bb036af8e9726dc7a85/python/plugins/julep/composio_julep/toolset.py#L21"}, {"url": "https://github.com/ComposioHQ/composio/issues/1073"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}}, "dataVersion": "5.1"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "composio >=0.5.40 is vulnerable to Command Execution in composio_openai, composio_claude, and composio_julep via the handle_tool_calls function."}], "id": "CVE-2024-53526", "lastModified": "2025-01-08T19:15:37.753", "metrics": {}, "published": "2025-01-08T19:15:37.753", "references": [{"source": "cve@mitre.org", "url": "https://github.com/ComposioHQ/composio/blob/11ee7470aa6543097ee30bb036af8e9726dc7a85/python/plugins/claude/composio_claude/toolset.py#L156"}, {"source": "cve@mitre.org", "url": "https://github.com/ComposioHQ/composio/blob/11ee7470aa6543097ee30bb036af8e9726dc7a85/python/plugins/julep/composio_julep/toolset.py#L21"}, {"source": "cve@mitre.org", "url": "https://github.com/ComposioHQ/composio/blob/11ee7470aa6543097ee30bb036af8e9726dc7a85/python/plugins/openai/composio_openai/toolset.py#L184"}, {"source": "cve@mitre.org", "url": "https://github.com/ComposioHQ/composio/issues/1073"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Received"}

{}