Search criteria
3 vulnerabilities found for pyansys_geometry by ansys
CVE-2024-29189 (GCVE-0-2024-29189)
Vulnerability from nvd – Published: 2024-03-26 02:50 – Updated: 2024-08-05 20:27
VLAI?
Title
ansys-geometry-core OS Command Injection vulnerability
Summary
PyAnsys Geometry is a Python client library for the Ansys Geometry service and other CAD Ansys products. On file src/ansys/geometry/core/connection/product_instance.py, upon calling this method _start_program directly, users could exploit its usage to perform malicious operations on the current machine where the script is ran. This vulnerability is fixed in 0.3.3 and 0.4.12.
Severity ?
7.4 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ansys | pyansys-geometry |
Affected:
>= 0.3.0, < 0.3.3
Affected: >= 0.4.0, < 0.4.12 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:10:54.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/ansys/pyansys-geometry/security/advisories/GHSA-38jr-29fh-w9vm",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/ansys/pyansys-geometry/security/advisories/GHSA-38jr-29fh-w9vm"
},
{
"name": "https://github.com/ansys/pyansys-geometry/pull/1076",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ansys/pyansys-geometry/pull/1076"
},
{
"name": "https://github.com/ansys/pyansys-geometry/pull/1077",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ansys/pyansys-geometry/pull/1077"
},
{
"name": "https://github.com/ansys/pyansys-geometry/commit/902071701c4f3a8258cbaa46c28dc0a65442d1bc",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ansys/pyansys-geometry/commit/902071701c4f3a8258cbaa46c28dc0a65442d1bc"
},
{
"name": "https://github.com/ansys/pyansys-geometry/commit/f82346b9432b06532e84f3278125f5879b4e9f3f",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ansys/pyansys-geometry/commit/f82346b9432b06532e84f3278125f5879b4e9f3f"
},
{
"name": "https://bandit.readthedocs.io/en/1.7.8/plugins/b602_subprocess_popen_with_shell_equals_true.html",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bandit.readthedocs.io/en/1.7.8/plugins/b602_subprocess_popen_with_shell_equals_true.html"
},
{
"name": "https://github.com/ansys/pyansys-geometry/blob/52cba1737a8a7812e5430099f715fa2160ec007b/src/ansys/geometry/core/connection/product_instance.py#L403-L428",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ansys/pyansys-geometry/blob/52cba1737a8a7812e5430099f715fa2160ec007b/src/ansys/geometry/core/connection/product_instance.py#L403-L428"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ansys:pyansys-geometry:0.3.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pyansys-geometry",
"vendor": "ansys",
"versions": [
{
"lessThan": "0.3.3",
"status": "affected",
"version": "0.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:ansys:pyansys-geometry:0.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pyansys-geometry",
"vendor": "ansys",
"versions": [
{
"lessThan": "0.4.12",
"status": "affected",
"version": "0.4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29189",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T20:24:46.363776Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T20:27:31.415Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "pyansys-geometry",
"vendor": "ansys",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.3.0, \u003c 0.3.3"
},
{
"status": "affected",
"version": "\u003e= 0.4.0, \u003c 0.4.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PyAnsys Geometry is a Python client library for the Ansys Geometry service and other CAD Ansys products. On file src/ansys/geometry/core/connection/product_instance.py, upon calling this method _start_program directly, users could exploit its usage to perform malicious operations on the current machine where the script is ran. This vulnerability is fixed in 0.3.3 and 0.4.12."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-26T02:50:34.984Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ansys/pyansys-geometry/security/advisories/GHSA-38jr-29fh-w9vm",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ansys/pyansys-geometry/security/advisories/GHSA-38jr-29fh-w9vm"
},
{
"name": "https://github.com/ansys/pyansys-geometry/pull/1076",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ansys/pyansys-geometry/pull/1076"
},
{
"name": "https://github.com/ansys/pyansys-geometry/pull/1077",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ansys/pyansys-geometry/pull/1077"
},
{
"name": "https://github.com/ansys/pyansys-geometry/commit/902071701c4f3a8258cbaa46c28dc0a65442d1bc",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ansys/pyansys-geometry/commit/902071701c4f3a8258cbaa46c28dc0a65442d1bc"
},
{
"name": "https://github.com/ansys/pyansys-geometry/commit/f82346b9432b06532e84f3278125f5879b4e9f3f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ansys/pyansys-geometry/commit/f82346b9432b06532e84f3278125f5879b4e9f3f"
},
{
"name": "https://bandit.readthedocs.io/en/1.7.8/plugins/b602_subprocess_popen_with_shell_equals_true.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://bandit.readthedocs.io/en/1.7.8/plugins/b602_subprocess_popen_with_shell_equals_true.html"
},
{
"name": "https://github.com/ansys/pyansys-geometry/blob/52cba1737a8a7812e5430099f715fa2160ec007b/src/ansys/geometry/core/connection/product_instance.py#L403-L428",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ansys/pyansys-geometry/blob/52cba1737a8a7812e5430099f715fa2160ec007b/src/ansys/geometry/core/connection/product_instance.py#L403-L428"
}
],
"source": {
"advisory": "GHSA-38jr-29fh-w9vm",
"discovery": "UNKNOWN"
},
"title": "ansys-geometry-core OS Command Injection vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-29189",
"datePublished": "2024-03-26T02:50:34.984Z",
"dateReserved": "2024-03-18T17:07:00.094Z",
"dateUpdated": "2024-08-05T20:27:31.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2024-29189
Vulnerability from fkie_nvd - Published: 2024-03-26 03:15 - Updated: 2025-12-15 21:38
Severity ?
7.4 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
PyAnsys Geometry is a Python client library for the Ansys Geometry service and other CAD Ansys products. On file src/ansys/geometry/core/connection/product_instance.py, upon calling this method _start_program directly, users could exploit its usage to perform malicious operations on the current machine where the script is ran. This vulnerability is fixed in 0.3.3 and 0.4.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ansys | pyansys_geometry | * | |
| ansys | pyansys_geometry | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ansys:pyansys_geometry:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2790C5-7621-470E-8F46-CD14E1C84737",
"versionEndExcluding": "0.3.3",
"versionStartIncluding": "0.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ansys:pyansys_geometry:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4A9FEDE-8D55-4CFE-864E-4D501F54CB43",
"versionEndExcluding": "0.4.12",
"versionStartIncluding": "0.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PyAnsys Geometry is a Python client library for the Ansys Geometry service and other CAD Ansys products. On file src/ansys/geometry/core/connection/product_instance.py, upon calling this method _start_program directly, users could exploit its usage to perform malicious operations on the current machine where the script is ran. This vulnerability is fixed in 0.3.3 and 0.4.12."
},
{
"lang": "es",
"value": "PyAnsys Geometry es una librer\u00eda cliente de Python para el servicio Ansys Geometry y otros productos CAD Ansys. En el archivo src/ansys/geometry/core/connection/product_instance.py, al llamar directamente a este m\u00e9todo _start_program, los usuarios podr\u00edan explotar su uso para realizar operaciones maliciosas en la m\u00e1quina actual donde se ejecuta el script. Esta vulnerabilidad se solucion\u00f3 en 0.3.3 y 0.4.12."
}
],
"id": "CVE-2024-29189",
"lastModified": "2025-12-15T21:38:09.403",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.4,
"impactScore": 5.9,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-26T03:15:13.150",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
],
"url": "https://bandit.readthedocs.io/en/1.7.8/plugins/b602_subprocess_popen_with_shell_equals_true.html"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/ansys/pyansys-geometry/blob/52cba1737a8a7812e5430099f715fa2160ec007b/src/ansys/geometry/core/connection/product_instance.py#L403-L428"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/ansys/pyansys-geometry/commit/902071701c4f3a8258cbaa46c28dc0a65442d1bc"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/ansys/pyansys-geometry/commit/f82346b9432b06532e84f3278125f5879b4e9f3f"
},
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/ansys/pyansys-geometry/pull/1076"
},
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/ansys/pyansys-geometry/pull/1077"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/ansys/pyansys-geometry/security/advisories/GHSA-38jr-29fh-w9vm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description"
],
"url": "https://bandit.readthedocs.io/en/1.7.8/plugins/b602_subprocess_popen_with_shell_equals_true.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/ansys/pyansys-geometry/blob/52cba1737a8a7812e5430099f715fa2160ec007b/src/ansys/geometry/core/connection/product_instance.py#L403-L428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/ansys/pyansys-geometry/commit/902071701c4f3a8258cbaa46c28dc0a65442d1bc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/ansys/pyansys-geometry/commit/f82346b9432b06532e84f3278125f5879b4e9f3f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/ansys/pyansys-geometry/pull/1076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/ansys/pyansys-geometry/pull/1077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/ansys/pyansys-geometry/security/advisories/GHSA-38jr-29fh-w9vm"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
CVE-2024-29189 (GCVE-0-2024-29189)
Vulnerability from cvelistv5 – Published: 2024-03-26 02:50 – Updated: 2024-08-05 20:27
VLAI?
Title
ansys-geometry-core OS Command Injection vulnerability
Summary
PyAnsys Geometry is a Python client library for the Ansys Geometry service and other CAD Ansys products. On file src/ansys/geometry/core/connection/product_instance.py, upon calling this method _start_program directly, users could exploit its usage to perform malicious operations on the current machine where the script is ran. This vulnerability is fixed in 0.3.3 and 0.4.12.
Severity ?
7.4 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ansys | pyansys-geometry |
Affected:
>= 0.3.0, < 0.3.3
Affected: >= 0.4.0, < 0.4.12 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:10:54.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/ansys/pyansys-geometry/security/advisories/GHSA-38jr-29fh-w9vm",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/ansys/pyansys-geometry/security/advisories/GHSA-38jr-29fh-w9vm"
},
{
"name": "https://github.com/ansys/pyansys-geometry/pull/1076",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ansys/pyansys-geometry/pull/1076"
},
{
"name": "https://github.com/ansys/pyansys-geometry/pull/1077",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ansys/pyansys-geometry/pull/1077"
},
{
"name": "https://github.com/ansys/pyansys-geometry/commit/902071701c4f3a8258cbaa46c28dc0a65442d1bc",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ansys/pyansys-geometry/commit/902071701c4f3a8258cbaa46c28dc0a65442d1bc"
},
{
"name": "https://github.com/ansys/pyansys-geometry/commit/f82346b9432b06532e84f3278125f5879b4e9f3f",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ansys/pyansys-geometry/commit/f82346b9432b06532e84f3278125f5879b4e9f3f"
},
{
"name": "https://bandit.readthedocs.io/en/1.7.8/plugins/b602_subprocess_popen_with_shell_equals_true.html",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bandit.readthedocs.io/en/1.7.8/plugins/b602_subprocess_popen_with_shell_equals_true.html"
},
{
"name": "https://github.com/ansys/pyansys-geometry/blob/52cba1737a8a7812e5430099f715fa2160ec007b/src/ansys/geometry/core/connection/product_instance.py#L403-L428",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ansys/pyansys-geometry/blob/52cba1737a8a7812e5430099f715fa2160ec007b/src/ansys/geometry/core/connection/product_instance.py#L403-L428"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ansys:pyansys-geometry:0.3.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pyansys-geometry",
"vendor": "ansys",
"versions": [
{
"lessThan": "0.3.3",
"status": "affected",
"version": "0.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:ansys:pyansys-geometry:0.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pyansys-geometry",
"vendor": "ansys",
"versions": [
{
"lessThan": "0.4.12",
"status": "affected",
"version": "0.4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29189",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T20:24:46.363776Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T20:27:31.415Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "pyansys-geometry",
"vendor": "ansys",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.3.0, \u003c 0.3.3"
},
{
"status": "affected",
"version": "\u003e= 0.4.0, \u003c 0.4.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PyAnsys Geometry is a Python client library for the Ansys Geometry service and other CAD Ansys products. On file src/ansys/geometry/core/connection/product_instance.py, upon calling this method _start_program directly, users could exploit its usage to perform malicious operations on the current machine where the script is ran. This vulnerability is fixed in 0.3.3 and 0.4.12."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-26T02:50:34.984Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ansys/pyansys-geometry/security/advisories/GHSA-38jr-29fh-w9vm",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ansys/pyansys-geometry/security/advisories/GHSA-38jr-29fh-w9vm"
},
{
"name": "https://github.com/ansys/pyansys-geometry/pull/1076",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ansys/pyansys-geometry/pull/1076"
},
{
"name": "https://github.com/ansys/pyansys-geometry/pull/1077",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ansys/pyansys-geometry/pull/1077"
},
{
"name": "https://github.com/ansys/pyansys-geometry/commit/902071701c4f3a8258cbaa46c28dc0a65442d1bc",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ansys/pyansys-geometry/commit/902071701c4f3a8258cbaa46c28dc0a65442d1bc"
},
{
"name": "https://github.com/ansys/pyansys-geometry/commit/f82346b9432b06532e84f3278125f5879b4e9f3f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ansys/pyansys-geometry/commit/f82346b9432b06532e84f3278125f5879b4e9f3f"
},
{
"name": "https://bandit.readthedocs.io/en/1.7.8/plugins/b602_subprocess_popen_with_shell_equals_true.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://bandit.readthedocs.io/en/1.7.8/plugins/b602_subprocess_popen_with_shell_equals_true.html"
},
{
"name": "https://github.com/ansys/pyansys-geometry/blob/52cba1737a8a7812e5430099f715fa2160ec007b/src/ansys/geometry/core/connection/product_instance.py#L403-L428",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ansys/pyansys-geometry/blob/52cba1737a8a7812e5430099f715fa2160ec007b/src/ansys/geometry/core/connection/product_instance.py#L403-L428"
}
],
"source": {
"advisory": "GHSA-38jr-29fh-w9vm",
"discovery": "UNKNOWN"
},
"title": "ansys-geometry-core OS Command Injection vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-29189",
"datePublished": "2024-03-26T02:50:34.984Z",
"dateReserved": "2024-03-18T17:07:00.094Z",
"dateUpdated": "2024-08-05T20:27:31.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}