22Oca
CVE-2024-23752 | PandasAI up to 1.5.17 Python Code synthetic_dataframe code injection (Issue 868)
A vulnerability has been found in PandasAI up to 1.5.17 and classified as critical. This vulnerability affects the functionsynthetic_dataframe
of the component Python Code Handler. The manipulation leads to code injection.
This vulnerability was named CVE-2024-23752. The attack can only be initiated within the local network. There is no exploit available.