2 matches found
GHSA-5G73-69P4-7GVX Code execution in pandasai
GenerateSDFPipeline in syntheticdataframe in PandasAI aka pandas-ai through 1.5.17 allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. An attacker can create a dataframe that provides an English language specification of this Python code. NOTE:...
PT-2024-20058
Name of the Vulnerable Software and Affected Versions PandasAI aka pandas-ai versions 1.5.17 and earlier Description The issue allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. An attacker can create a dataframe that provides an English...