3 matches found
CVE-2024-45854
Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsDB platform, enabling a maliciously uploaded ‘inhouse’ model to run arbitrary code on the server when a ‘describe’ query is run on it...
CVE-2024-45854
CVE-2024-45854 concerns MindsDB platform 23.10.3.0 and later, with a deserialization of untrusted data flaw that can let a maliciously uploaded ‘inhouse’ model execute arbitrary code on the server when a describe query is run. The connected documents confirm the affected product/version and the u...
CVE-2024-45854
Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsDB platform, enabling a maliciously uploaded ‘inhouse’ model to run arbitrary code on the server when a ‘describe’ query is run on it...