70 matches found
Mage AI - Insecure Default Authentication Setup
A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability i...
CVE-2023-31143
mage-ai is an open-source data pipeline tool for transforming and integrating data. Those who use Mage starting in version 0.8.34 and prior to 0.8.72 with user authentication enabled may be affected by a vulnerability. The terminal could be accessed by users who are not signed in or do not have...
EUVD-2024-2660
Malicious code in bioql PyPI...
EUVD-2024-2604
Malicious code in bioql PyPI...
EUVD-2024-2560
Malicious code in bioql PyPI...
EUVD-2024-2494
Malicious code in bioql PyPI...
EUVD-2024-2559
Malicious code in bioql PyPI...
EUVD-2025-7513
Malicious code in bioql PyPI...
CVE-2024-45189
Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Git Content" request...
CVE-2024-45190
Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Pipeline Interaction" request...
CVE-2024-45188
Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "File Content" request...
CVE-2024-8072
Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users...
CVE-2025-2129
A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability i...
CVE-2025-2129
A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability i...
CVE-2025-2129 Mage AI insecure default initialization of resource
A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability i...
CVE-2025-2129
Mage AI 0.9.75 is associated with an insecure default initialization of a resource (insecure default authentication setup) that could enable a remote attack. Documents describe a network-vector, high attack complexity, and partial confidentiality/integrity/availability impact. The exploitability ...
CVE-2025-2129 Mage AI insecure default initialization of resource
A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability i...
Mage AI 安全漏洞
Mage AI is a Mage open source intelligent program for building, running and managing data pipelines. A security vulnerability exists in Mage AI version 0.9.75 that stems from insecure resource initialization...
PT-2025-10456
Name of the Vulnerable Software and Affected Versions: Mage AI version 0.9.75 Description: A vulnerability was found in Mage AI, which has been classified as problematic. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The...
Arbitrary File Leakage
Mage AI is vulnerable to Arbitrary File Leakage. The vulnerability is due to improper validation and handling of file paths in the "File Content" request, which allows unauthorized users to access files outside of their intended scope...