7 matches found
EUVD-2023-0151
Malicious code in bioql PyPI...
MindsDB Code Issues Vulnerabilities
MindsDB is an emerging low-code machine learning platform from MindsDB, Inc. A code issue vulnerability exists in versions prior to MindsDB 23.11.4.1 that stems from not validating user-controlled name values, potentially leading to path injection...
PT-2023-31629 · Mindsdb · Mindsdb
Name of the Vulnerable Software and Affected Versions: MindsDB versions prior to 23.11.4.1 Description: The issue concerns a path injection vulnerability in the put method of mindsdb/mindsdb/api/http/namespaces/file.py. This vulnerability allows arbitrary file contents to be written due to the la...
PYSEC-2023-278
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.11.4.1 contain a limited file write vulnerability in file.py Users should use MindsDB's staging branch or v23.11.4.1, which contain a fix for the issue...
CVE-2023-49796 MindsDB Arbitrary File Write vulnerability
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.11.4.1 contain a limited file write vulnerability in file.py Users should use MindsDB's staging branch or v23.11.4.1, which contain a fix for the issue...
PYSEC-2023-277
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.11.4.1 contain a server-side request forgery vulnerability in file.py. This can lead to limited information disclosure. Users should use MindsDB's staging branch or v23.11.4.1, which contain a fix for the issu...
PT-2023-31353 · Mindsdb · Mindsdb
Name of the Vulnerable Software and Affected Versions: MindsDB versions prior to 23.11.4.1 Description: MindsDB connects artificial intelligence models to real-time data. The issue is related to a server-side request forgery vulnerability in the file.py module. This can lead to limited informatio...