CVE-2023-39661
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Aug 15, 2023
Updated: Aug 22, 2023
CWE ID 74
Summary
CVE-2023-39661 is a vulnerability affecting pandas-ai versions prior to v0.9.1. This issue enables a remote attacker to execute arbitrary code through the _is_jailbreak function, making it a significant security concern for users of this library. An attacker could potentially exploit this vulnerability to gain unauthorized access or control over affected systems, leading to potential data theft or system compromise. Users are strongly urged to update to the latest version of pandas-ai to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share