search

Sinaptik-AI / pandas-ai

Chat with your database (SQL, CSV, pandas, polars, mongodb, noSQL, etc). PandasAI makes data analysis conversational using LLMs (GPT 3.5 / 4, Anthropic, VertexAI) and RAG.
https://pandas-ai.com
Other
12.51k stars 1.2k forks source link

Security issues. #1287

Open 0gur1 opened 1 month ago

0gur1 commented 1 month ago

Hi, I have submitted two vulnerability reports privately with https://github.com/Sinaptik-AI/pandas-ai/security/advisories/new. And I also see the vulns have been patched in your new release. But I didn't get reply in the reports. Will you make my reports public and apply CVEs for them? Thanks.

dosubot[bot] commented 1 month ago

@0gur1 Hello there! I'm here to help you with any bugs, questions, or contributions while you wait for a human maintainer. Let's get started!

The process for making security vulnerability reports public and applying for CVEs in the pandas-ai repository is not documented in the available information. The person responsible for handling and responding to security advisories in the pandas-ai project is Gabriele Venturi [1]. You may want to follow up directly with Gabriele Venturi for further details on the status of your reports and the process for making them public and applying for CVEs.

To continue talking to Dosu, mention @dosu.

0gur1 commented 1 month ago

I try to contact Gabriele Venturi for weeks. I am really looking forward to contact with him.