6 matches found
CVE-2024-45853
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsDB platform, enabling a maliciously uploaded ‘inhouse’ model to run arbitrary code on the server when used for a prediction...
PYSEC-2024-85
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsDB platform, enabling a maliciously uploaded ‘inhouse’ model to run arbitrary code on the server when using ‘finetune’ on it...
PYSEC-2024-83
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsDB platform, enabling a maliciously uploaded ‘inhouse’ model to run arbitrary code on the server when used for a prediction...
MindsDB 安全漏洞
MindsDB is an emerging low-code machine learning platform from MindsDB, Inc. A security vulnerability exists in MindsDB version 23.10.2.0 and earlier, which stems from the presence of deserialization of untrusted data, allowing a maliciously uploaded model to run arbitrary code on the server when...
MindsDB 安全漏洞
MindsDB is an emerging low-code machine learning platform from MindsDB, Inc. A security vulnerability exists in MindsDB version 23.10.2.0 and earlier, which stems from the presence of deserialization of untrusted data, allowing a maliciously uploaded model to run arbitrary code on the server when...
MindsDB 安全漏洞
MindsDB is an emerging low-code machine learning platform from MindsDB, Inc. A security vulnerability exists in MindsDB version 23.10.2.0 and earlier, which stems from the presence of deserialization of untrusted data, allowing a maliciously uploaded model to run arbitrary code on the server when...