VYPR
Unrated severityNVD Advisory· Published Sep 14, 2023· Updated Sep 25, 2024

CVE-2023-40955

CVE-2023-40955

Description

A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management (aka pdm) v.14.0, v.15.0 and v.16.0 fixed in pdm-14.0.1.0.0, pdm-15.0.1.0.0, and pdm-16.0.1.0.0 allows a remote authenticated attacker to execute arbitrary code via the select parameter in models/base_client.py component.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Didotech srl/Engineering & Lifecycle Managementdescription
  • Didotech srl/pdmllm-create
    Range: 14.0, 15.0, 16.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.