CVE-2023-39661

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 15, 2023
Updated: Aug 22, 2023
CWE ID 74

Summary

CVE-2023-39661 is a vulnerability affecting pandas-ai versions prior to v0.9.1. This issue enables a remote attacker to execute arbitrary code through the _is_jailbreak function, making it a significant security concern for users of this library. An attacker could potentially exploit this vulnerability to gain unauthorized access or control over affected systems, leading to potential data theft or system compromise. Users are strongly urged to update to the latest version of pandas-ai to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share