3 matches found
CVE-2024-5753
vanna-ai/vanna version v0.3.4 is vulnerable to SQL injection in some file-critical functions such as pgreadfile. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, including sensitive files like /etc/passwd, by exploiting the exposed SQL...
CVE-2024-5753
creationtimestamp| type| source ---|---|--- 2024-07-05 22:32:10+00:00| seen| https://t.me/cvedetector/136 2026-02-27 04:04:35+00:00| seen| https://gist.github.com/YLChen-007/251cb05f6b16f03e75e9f6c80ea3162f...
cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.1.4) potentially affected by CVE-2024-5753 via vanna (>=0.0.30 <=0.0.36)
vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =0.1.4 Source cves: CVE-2024-5753 Source advisory: OSV:GHSA-MWXM-35F8-6VG2...