pkg:PyPI/mindsdb

All known vulnerabilities

• CRITICAL9.3CVE-2024-24759MindsDB Vulnerable to Bypass of SSRF Protection with DNS Rebinding
  from 0, < 23.12.4.2
• CRITICAL9.3CVE-2024-24759MindsDB Vulnerable to Bypass of SSRF Protection with DNS Rebinding
  from 0, < 5f7496481bd3db1d06a2d2e62c0dce960a1fe12b | from 0, < 23.12.4.2
• CRITICAL9.1CVE-2023-50731GitHub Security Lab (GHSL) Vulnerability Report: Arbitary write GHSL-2023-182
  from 0, < 23.11.4.1
• CRITICAL9.1GitHub Security Lab (GHSL) Vulnerability Report: Arbitary write GHSL-2023-182
  from 0, < 23.11.4.1
• CRITICAL9.1MindsDB can be made to not verify SSL certificates
  from 0, < 23.7.4.0
• CRITICAL9.1MindsDB can be made to not verify SSL certificates
  from 0, < 083afcf6567cf51aa7d89ea892fd97689919053b | from 0, < 23.7.4.0
• CRITICAL9.0MindsDB Cross-site Scripting vulnerability
  from 0, <= 24.9.2.1
• HIGH8.8MindsDB: Path Traversal in /api/files Leading to Remote Code Execution
  from 0, < 25.9.1.1
• HIGH8.8MindsDB Eval Injection vulnerability
  >= 23.10.5.0, < 24.7.4.1
• HIGH8.8MindsDB Deserialization of Untrusted Data vulnerability
  >= 23.3.2.0
• HIGH8.8MindsDB Deserialization of Untrusted Data vulnerability
  >= 23.3.2.0, <= 24.9.2.1
• HIGH8.8MindsDB Eval Injection vulnerability
  >= 23.10.5.0, < 24.7.4.1
• HIGH8.8MindsDB Eval Injection vulnerability
  >= 23.10.3.0, < 24.7.4.1
• HIGH8.8MindsDB Eval Injection vulnerability
  >= 23.10.5.0, < 24.7.4.1
• HIGH8.8MindsDB Eval Injection vulnerability
  >= 23.10.5.0, < 24.7.4.1
• HIGH8.8MindsDB Eval Injection vulnerability
  >= 23.12.4.0, < 24.7.4.1
• HIGH8.8MindsDB Eval Injection vulnerability
  >= 23.10.5.0, < 24.7.4.1
• HIGH8.8MindsDB Eval Injection vulnerability
  >= 23.11.4.2, < 24.7.4.1
• HIGH8.8MindsDB Eval Injection vulnerability
  >= 23.10.5.0, < 24.7.4.1
• HIGH8.8MindsDB Eval Injection vulnerability
  >= 23.10.3.0, < 24.7.4.1
• HIGH8.8MindsDB Eval Injection vulnerability
  >= 23.12.4.0, < 24.7.4.1
• HIGH8.5Arbitrary file write in mindsdb when Extracting Tarballs retrieved from a remote location
  from 0, < 22.11.4.3
• HIGH8.5Arbitrary file write in mindsdb when Extracting Tarballs retrieved from a remote location
  from 0, < 22.11.4.3
• HIGH8.1MindsDB has improper sanitation of filepath that leads to information disclosure and DOS
  from 0, < 25.11.1
• HIGH8.1MindsDB has improper sanitation of filepath that leads to information disclosure and DOS
  from 0, < 25.11.1
• HIGH7.5mindsdb arbitrary file write when extracting a remotely retrieved Tarball
  from 0, < 23.2.1.0
• HIGH7.5mindsdb arbitrary file write when extracting a remotely retrieved Tarball
  from 0, < 4419b0f0019c000db390b54d8b9d06e1d3670039 | from 0, < 23.2.1.0
• HIGH7.3MindsDB has an Improper Access Control Issue
  from 0, <= 26.0.1
• HIGH7.1MindsDB Deserialization of Untrusted Data vulnerability
  >= 23.10.3.0
• HIGH7.1MindsDB Deserialization of Untrusted Data vulnerability
  >= 23.10.3.0, <= 24.9.2.1
• HIGH7.1MindsDB Deserialization of Untrusted Data vulnerability
  >= 23.10.2.0, <= 24.9.2.1
• HIGH7.1MindsDB Deserialization of Untrusted Data vulnerability
  >= 23.10.2.0, <= 24.9.2.1
• HIGH7.1MindsDB Deserialization of Untrusted Data vulnerability
  >= 23.10.2.0
• HIGH7.1MindsDB Deserialization of Untrusted Data vulnerability
  >= 23.10.2.0
• MEDIUM6.5Server-Side Request Forgery in mindsdb
  from 0, < 8d13c9c28ebcf3b36509eb679378004d4648d8fe | from 0, < 23.11.4.1
• MEDIUM6.5Server-Side Request Forgery in mindsdb
  from 0, < 23.11.4.1
• MEDIUM6.3MindsDB affected by a SSRF vulnerability
  from 0, < 26.0.0rc1
• MEDIUM6.3MindsDB affected by a SSRF vulnerability
  from 0, <= 25.14.1
• MEDIUM5.8Cross-site Scripting (XSS) in mindsdb/mindsdb
  from 0, <= 23.6.3.1
• MEDIUM5.8Cross-site Scripting (XSS) in mindsdb/mindsdb
  from 0, <= 23.6.3.1
• MEDIUM5.3Improper Input Validation in mindsdb
  from 0, < 23.11.4.1
• MEDIUM5.3Improper Input Validation in mindsdb
  from 0, < 8d13c9c28ebcf3b36509eb679378004d4648d8fe | from 0