7 matches found
CVE-2024-23752
GenerateSDFPipeline in syntheticdataframe in PandasAI aka pandas-ai through 1.5.17 allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. An attacker can create a dataframe that provides an English language specification of this Python code. NOTE:...
exposeq (>=4.1.3 <=4.6.1), squadds (>=0.0.0 <=0.0.3) potentially affected by CVE-2024-23752 via pandasai (>=1.3.3 <=1.5.11)
pandasai PYPI version =1.3.3, =4.1.3, =0.0.0, =0.0.3 Source cves: CVE-2024-23752 Source advisory: OSV:GHSA-5G73-69P4-7GVX...
CVE-2024-23752
creationtimestamp| type| source ---|---|--- 2024-01-22 02:21:35+00:00| seen| https://t.me/ctinow/170954 2024-02-16 08:16:33+00:00| seen| https://t.me/ctinow/186167...
CVE-2024-23752
GenerateSDFPipeline in syntheticdataframe in PandasAI aka pandas-ai through 1.5.17 allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. An attacker can create a dataframe that provides an English language specification of this Python code. NOTE:...
CVE-2024-23752
GenerateSDFPipeline in syntheticdataframe in PandasAI aka pandas-ai through 1.5.17 allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. An attacker can create a dataframe that provides an English language specification of this Python code. NOTE:...
CVE-2024-23752
GenerateSDFPipeline in syntheticdataframe in PandasAI aka pandas-ai through 1.5.17 allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. An attacker can create a dataframe that provides an English language specification of this Python code. NOTE:...
CVE-2024-23752
GenerateSDFPipeline in syntheticdataframe in PandasAI aka pandas-ai through 1.5.17 allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. An attacker can create a dataframe that provides an English language specification of this Python code. NOTE:...