The vulnerability stems from missing validation in the `handle_tool_calls` implementations of multiple plugins. These functions processed LLM-generated tool calls without checking whether the actions had been explicitly requested via `get_tools()`, as shown in the pre-patch code samples from the claude, openai and julep `toolset.py` files. The CWE-77 command injection pattern matches the ability to execute arbitrary commands through actions like `SHELLTOOL_SPAWN_PROCESS`. The high confidence comes from direct references in the CVE/GHSA descriptions, commit diffs adding validation logic, and test cases demonstrating the exploit scenario.

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| composio-claude | pip | >= 0.5.40, < 0.6.9 | 0.6.9 |
| composio-openai | pip | >= 0.5.40, < 0.6.9 | 0.6.9 |
| composio-julep | pip | >= 0.5.40, < 0.6.9 | 0.6.9 |
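
The missing check described above, modelled as an added example (not Composio's code, and not the actual patch): a toolset whose unchecked handler dispatches any action name the model emits, beside a handler that only accepts actions previously requested through `get_tools()`. The `ToolSet` class, its registry, `handle_tool_calls_unchecked`, `demo` and the sample model output are hypothetical and constructed for illustration; the registry entries are stubs that return strings and run nothing.

```python
"""Constructed model of the flaw; not Composio's code. All names are hypothetical."""


class ToolSet:
    # Every action the runtime is able to execute (constructed sample registry).
    # The stubs only return strings; nothing is spawned.
    REGISTRY = {
        "GITHUB_LIST_ISSUES": lambda args: f"issues for {args.get('repo')}",
        "SHELLTOOL_SPAWN_PROCESS": lambda args: f"would spawn: {args.get('cmd')}",
    }

    def __init__(self):
        self._requested = set()  # actions the application asked for

    def get_tools(self, actions):
        """Return schemas for the chosen actions and remember the choice."""
        unknown = set(actions) - set(self.REGISTRY)
        if unknown:
            raise ValueError(f"unknown actions: {sorted(unknown)}")
        self._requested.update(actions)
        return [{"name": name} for name in actions]

    def handle_tool_calls_unchecked(self, tool_calls):
        """Pre-patch pattern: dispatch whatever name the model emitted."""
        return [self.REGISTRY[c["name"]](c["arguments"]) for c in tool_calls]

    def handle_tool_calls(self, tool_calls):
        """Hardened pattern: validate every call before executing any."""
        for call in tool_calls:
            if call["name"] not in self._requested:
                raise PermissionError(
                    f"action {call['name']!r} was not requested via get_tools()")
        return [self.REGISTRY[c["name"]](c["arguments"]) for c in tool_calls]


# Constructed model output: one expected call, one the app never exposed.
MODEL_OUTPUT = [
    {"name": "GITHUB_LIST_ISSUES", "arguments": {"repo": "example/repo"}},
    {"name": "SHELLTOOL_SPAWN_PROCESS", "arguments": {"cmd": "echo constructed"}},
]


def demo():
    ts = ToolSet()
    ts.get_tools(["GITHUB_LIST_ISSUES"])  # the app exposes one action only
    unchecked = ts.handle_tool_calls_unchecked(MODEL_OUTPUT)
    try:
        ts.handle_tool_calls(MODEL_OUTPUT)
        blocked = False
    except PermissionError:
        blocked = True
    return unchecked, blocked
```

The hardened handler checks the whole batch before dispatching anything, so a disallowed call cannot ride along behind a permitted one that has already run.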