Vulnerabilities > Llamaindex Project > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-15 CVE-2023-39662 Injection vulnerability in Llamaindex Project Llamaindex
An issue in llama_index v.0.7.13 and before allows a remote attacker to execute arbitrary code via the `exec` parameter in PandasQueryEngine function.
network
low complexity
llamaindex-project CWE-74
critical
9.8