Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authentication Bypass in composiohq/composio
Vulnerability Description
In composiohq/composio version 0.5.10, the API does not validate the `x-api-key` header's value during the authentication step. This vulnerability allows an attacker to bypass authentication by providing any random value in the `x-api-key` header, thereby gaining unauthorized access to the server.
CVSS Information
N/A
Vulnerability Type
认证中关键步骤缺失
Vulnerability Title
Composio 安全漏洞
Vulnerability Description
Composio是Composio开源的一个适用于 AI 代理的生产就绪工具集。 Composio 0.5.10版本存在安全漏洞,该漏洞源于API未验证x-api-key头部的值,可能导致未授权访问。
CVSS Information
N/A
Vulnerability Type
N/A