An issue in llama_index v.0.7.13 and before allows a remote attacker to execute arbitrary code via the `exec` parameter in PandasQueryEngine function.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/jerryjliu/llama_index/issues/7054 |
![]() ![]() |
History
Tue, 08 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: mitre
Published: 2023-08-15T00:00:00
Updated: 2024-10-08T20:26:15.681Z
Reserved: 2023-08-07T00:00:00
Link: CVE-2023-39662

Updated: 2024-08-02T18:18:09.605Z

Status : Modified
Published: 2023-08-15T17:15:13.313
Modified: 2024-11-21T08:15:46.923
Link: CVE-2023-39662

No data.