CVE-2024-23752

GenerateSDFPipeline in synthetic_dataframe in PandasAI (aka pandas-ai) through 1.5.17 allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. An attacker can create a dataframe that provides an English language specification of this Python code. NOTE: the vendor previously attempted to restrict code execution in response to a separate issue, CVE-2023-39660.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/gventuri/pandas-ai/issues/868	Exploit Mailing List Vendor Advisory
https://github.com/gventuri/pandas-ai/issues/868	Exploit Mailing List Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:gabrieleventuri:pandasai:*:*:*:*:*:python:*:*

History

21 Nov 2024, 08:58

Type	Values Removed	Values Added
References	~~() https://github.com/gventuri/pandas-ai/issues/868 - Exploit, Mailing List, Vendor Advisory~~	() https://github.com/gventuri/pandas-ai/issues/868 - Exploit, Mailing List, Vendor Advisory

29 Jan 2024, 19:27

Type	Values Removed	Values Added
CWE		CWE-862
CPE		cpe:2.3:a:gabrieleventuri:pandasai::::::python::*
References	~~() https://github.com/gventuri/pandas-ai/issues/868 -~~	() https://github.com/gventuri/pandas-ai/issues/868 - Exploit, Mailing List, Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8
First Time		Gabrieleventuri Gabrieleventuri pandasai

22 Jan 2024, 01:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-01-22 01:15

Updated : 2025-05-30 15:15

NVD link : CVE-2024-23752

Mitre link : CVE-2024-23752

CVE.ORG link : CVE-2024-23752

JSON object : View

Products Affected

gabrieleventuri

pandasai

CWE

CWE-862

Missing Authorization

{"id": "CVE-2024-23752", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-01-22T01:15:08.607", "references": [{"url": "https://github.com/gventuri/pandas-ai/issues/868", "tags": ["Exploit", "Mailing List", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/gventuri/pandas-ai/issues/868", "tags": ["Exploit", "Mailing List", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-862"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "GenerateSDFPipeline in synthetic_dataframe in PandasAI (aka pandas-ai) through 1.5.17 allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. An attacker can create a dataframe that provides an English language specification of this Python code. NOTE: the vendor previously attempted to restrict code execution in response to a separate issue, CVE-2023-39660."}, {"lang": "es", "value": "GenerateSDFPipeline en Synthetic_dataframe en PandasAI (tambi\u00e9n conocido como pandas-ai) hasta 1.5.17 permite a los atacantes activar la generaci\u00f3n de c\u00f3digo Python arbitrario que es ejecutado por SDFCodeExecutor. Un atacante puede crear un marco de datos que proporcione una especificaci\u00f3n en ingl\u00e9s de este c\u00f3digo Python. NOTA: el proveedor intent\u00f3 anteriormente restringir la ejecuci\u00f3n del c\u00f3digo en respuesta a un problema separado, CVE-2023-39660."}], "lastModified": "2025-05-30T15:15:37.600", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gabrieleventuri:pandasai:*:*:*:*:*:python:*:*", "vulnerable": true, "matchCriteriaId": "14CBB3DD-8C76-4489-9ED7-97DF5E46B561", "versionEndIncluding": "1.5.17"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}