2023-08-15 00:00:00
mitre
PUBLISHED
An issue in llama_index v.0.7.13 and before allows a remote attacker to execute arbitrary code via the `exec` parameter in PandasQueryEngine function.