Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/openhands-ai@1.2.0

Type pypi

Namespace

Name openhands-ai

Version 1.2.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.5.0

Latest_non_vulnerable_version 1.5.0

Affected_by_vulnerabilities

url VCID-xav7-qhau-4ya7

vulnerability_id VCID-xav7-qhau-4ya7

summary OpenHands is software for AI-driven development. Starting in version 1.5.0, a Command Injection vulnerability exists in the `get_git_diff()` method at `openhands/runtime/utils/git_handler.py:134`. The `path` parameter from the `/api/conversations/{conversation_id}/git/diff` API endpoint is passed unsanitized to a shell command, allowing authenticated attackers to execute arbitrary commands in the agent sandbox. The user is already allowed to instruct the agent to execute commands, but this bypasses the normal channels. Version 1.5.0 fixes the issue.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-33718

reference_id

reference_type

scores

value	0.0025
scoring_system	epss
scoring_elements	0.48451
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-33718

reference_url

https://docs.python.org/3/library/shlex.html#shlex.quote

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

value	9.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T20:04:41Z/

url

https://docs.python.org/3/library/shlex.html#shlex.quote

reference_url

https://docs.python.org/3/library/subprocess.html#security-considerations

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

value	9.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T20:04:41Z/

url

https://docs.python.org/3/library/subprocess.html#security-considerations

reference_url

https://github.com/OpenHands/OpenHands

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/OpenHands/OpenHands

reference_url

https://github.com/OpenHands/OpenHands/pull/13051

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

value	9.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T20:04:41Z/

url

https://github.com/OpenHands/OpenHands/pull/13051

reference_url

https://github.com/OpenHands/OpenHands/security/advisories/GHSA-7h8w-hj9j-8rjw

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

value	9.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T20:04:41Z/

url

https://github.com/OpenHands/OpenHands/security/advisories/GHSA-7h8w-hj9j-8rjw

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-33718

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-33718

reference_url

https://owasp.org/www-community/attacks/Command_Injection

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

value	9.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T20:04:41Z/

url

https://owasp.org/www-community/attacks/Command_Injection

reference_url	https://github.com/advisories/GHSA-7h8w-hj9j-8rjw
reference_id	GHSA-7h8w-hj9j-8rjw
reference_type
scores
url	https://github.com/advisories/GHSA-7h8w-hj9j-8rjw

fixed_packages

url	pkg:pypi/openhands-ai@1.5.0
purl	pkg:pypi/openhands-ai@1.5.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/openhands-ai@1.5.0

aliases CVE-2026-33718, GHSA-7h8w-hj9j-8rjw, PYSEC-2026-106

risk_score 4.5

exploitability 0.5

weighted_severity 8.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xav7-qhau-4ya7

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/openhands-ai@1.2.0

Package Instance