{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T19:15:37.638","vulnerabilities":[{"cve":{"id":"CVE-2024-29189","sourceIdentifier":"security-advisories@github.com","published":"2024-03-26T03:15:13.150","lastModified":"2025-12-15T21:38:09.403","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"PyAnsys Geometry is a Python client library for the Ansys Geometry service and other CAD Ansys products. On file src/ansys/geometry/core/connection/product_instance.py, upon calling this method _start_program directly, users could exploit its usage to perform malicious operations on the current machine where the script is ran. This vulnerability is fixed in 0.3.3 and 0.4.12."},{"lang":"es","value":"PyAnsys Geometry es una librería cliente de Python para el servicio Ansys Geometry y otros productos CAD Ansys. En el archivo src/ansys/geometry/core/connection/product_instance.py, al llamar directamente a este método _start_program, los usuarios podrían explotar su uso para realizar operaciones maliciosas en la máquina actual donde se ejecuta el script. Esta vulnerabilidad se solucionó en 0.3.3 y 0.4.12."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.4,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ansys:pyansys_geometry:*:*:*:*:*:*:*:*","versionStartIncluding":"0.3.0","versionEndExcluding":"0.3.3","matchCriteriaId":"9D2790C5-7621-470E-8F46-CD14E1C84737"},{"vulnerable":true,"criteria":"cpe:2.3:a:ansys:pyansys_geometry:*:*:*:*:*:*:*:*","versionStartIncluding":"0.4.0","versionEndExcluding":"0.4.12","matchCriteriaId":"C4A9FEDE-8D55-4CFE-864E-4D501F54CB43"}]}]}],"references":[{"url":"https://bandit.readthedocs.io/en/1.7.8/plugins/b602_subprocess_popen_with_shell_equals_true.html","source":"security-advisories@github.com","tags":["Technical Description"]},{"url":"https://github.com/ansys/pyansys-geometry/blob/52cba1737a8a7812e5430099f715fa2160ec007b/src/ansys/geometry/core/connection/product_instance.py#L403-L428","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/ansys/pyansys-geometry/commit/902071701c4f3a8258cbaa46c28dc0a65442d1bc","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/ansys/pyansys-geometry/commit/f82346b9432b06532e84f3278125f5879b4e9f3f","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/ansys/pyansys-geometry/pull/1076","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://github.com/ansys/pyansys-geometry/pull/1077","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://github.com/ansys/pyansys-geometry/security/advisories/GHSA-38jr-29fh-w9vm","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://bandit.readthedocs.io/en/1.7.8/plugins/b602_subprocess_popen_with_shell_equals_true.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description"]},{"url":"https://github.com/ansys/pyansys-geometry/blob/52cba1737a8a7812e5430099f715fa2160ec007b/src/ansys/geometry/core/connection/product_instance.py#L403-L428","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/ansys/pyansys-geometry/commit/902071701c4f3a8258cbaa46c28dc0a65442d1bc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/ansys/pyansys-geometry/commit/f82346b9432b06532e84f3278125f5879b4e9f3f","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/ansys/pyansys-geometry/pull/1076","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://github.com/ansys/pyansys-geometry/pull/1077","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://github.com/ansys/pyansys-geometry/security/advisories/GHSA-38jr-29fh-w9vm","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"]}]}}]}