Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/13 1:28 p.m.6 views

CVE-2024-12366

PandasAI uses an interactive prompt function that is vulnerable to prompt injection and run arbitrary Python code that can lead to Remote Code Execution RCE instead of the intended explanation of the natural language processing by the LLM...

9.8CVSS7.9AI score0.01183EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/02/11 3:32 p.m.3 views

date-a-scientist (>=0.1.0 <=0.1.19), exposeq (>=4.0.7 <=4.6.1) +3 more potentially affected by CVE-2024-12366 via pandasai (>=1.3.3 <=2.4.2)

pandasai PYPI version =1.3.3, =0.1.0, =4.0.7, =0.0.0, =0.0.3 Source cves: CVE-2024-12366 Source advisory: OSV:GHSA-VV2H-2W3Q-3FX7...

9.8CVSS5.8AI score0.01183EPSS
Exploits0
CVE
CVE
added 2025/02/11 12:42 p.m.55 views

CVE-2024-12366

CVE-2024-12366 affects PandasAI: its interactive prompt function is vulnerable to prompt injection, allowing an attacker to instruct the LLM to generate and execute arbitrary Python code within the process, causing Remote Code Execution (RCE) and potential system compromise or pivoting to connect...

9.8CVSS10AI score0.01183EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/11 12:42 p.m.3 views

CVE-2024-12366 CVE-2024-12366

PandasAI uses an interactive prompt function that is vulnerable to prompt injection and run arbitrary Python code that can lead to Remote Code Execution RCE instead of the intended explanation of the natural language processing by the LLM...

10AI score0.01183EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/11 12:42 p.m.9 views

CVE-2024-12366 CVE-2024-12366

PandasAI uses an interactive prompt function that is vulnerable to prompt injection and run arbitrary Python code that can lead to Remote Code Execution RCE instead of the intended explanation of the natural language processing by the LLM...

0.01183EPSS
Exploits0References2
Rows per page
Query Builder