Vulnerability Information
Vulnerability Title
Unrestricted File Write and Read in composiohq/composio
Vulnerability Description
In composiohq/composio version 0.4.3, there is an unrestricted file write and read vulnerability in the filetools actions. Due to improper validation of file paths, an attacker can read and write files anywhere on the server, potentially leading to privilege escalation or remote code execution.
CVSS Information
N/A
Vulnerability Type
Unrestricted Upload of File with Dangerous Type
Vulnerability Title
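Composio Security Vulnerability
Vulnerability Description
Composio is a production-ready toolset for AI agents, open-sourced by Composio. Composio version 0.4.3 contains a security vulnerability that stems from the filetools actions not validating file paths, which may lead to arbitrary file read and write.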
CVSS Information
N/A
Vulnerability Type
N/A
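The descriptions above attribute the issue to file paths that are not validated before reads and writes. The following is an added example, not Composio's code or its fix, of one way to confine file actions to a workspace directory; `resolve_in_workspace`, `read_file`, `write_file` and the workspace layout are hypothetical names, and all inputs are constructed.

```python
# Hypothetical helpers for illustration; this is not Composio's API.
import os
import tempfile
from pathlib import Path

class PathEscapeError(ValueError):
    """Raised when a requested path resolves outside the workspace root."""

def resolve_in_workspace(root: Path, requested: str) -> Path:
    """Return the real path for `requested`, or raise if it leaves `root`."""
    root = root.resolve(strict=True)
    # Joining with an absolute `requested` discards `root`; resolve() then
    # collapses ".." and follows symlinks, so the check sees the real target.
    candidate = (root / requested).resolve(strict=False)
    # Compare whole path components, not string prefixes, so a sibling such
    # as "work-evil" is not accepted for a root named "work".
    if candidate != root and root not in candidate.parents:
        raise PathEscapeError(f"{requested!r} resolves outside {root}")
    return candidate

def read_file(root: Path, requested: str) -> str:
    return resolve_in_workspace(root, requested).read_text()

def write_file(root: Path, requested: str, data: str) -> None:
    target = resolve_in_workspace(root, requested)
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_text(data)

def demo() -> dict:
    """Constructed inputs against a throwaway workspace; True means allowed."""
    cases = ["notes/a.txt", "notes/../b.txt", "../outside.txt",
             "/etc/passwd", "../work-evil/x", "link/outside.txt"]
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "work"
        root.mkdir()
        (Path(tmp) / "work-evil").mkdir()   # sibling sharing the string prefix
        os.symlink(tmp, root / "link")      # symlink that points outside root
        for req in cases:
            try:
                resolve_in_workspace(root, req)
                results[req] = True
            except PathEscapeError:
                results[req] = False
        write_file(root, "notes/a.txt", "hello")
        results["roundtrip"] = read_file(root, "notes/a.txt")
    return results
```

The check and the later open are separate steps, so this guard assumes nothing else can replace a path component with a symlink in between; running the file actions under a low-privilege account limits the impact if that assumption fails.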