Skip to content

Commit fecf658

Browse files
author
github-actions
committed
Analysis
1 parent 8d636f1 commit fecf658

File tree

5 files changed

+10
-5
lines changed

5 files changed

+10
-5
lines changed

vulns/mindsdb/PYSEC-2023-278.yaml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -590,6 +590,7 @@ affected:
590590
- 26.0.0rc2
591591
- 26.0.0rc3
592592
- 26.0.0
593+
- 26.0.1
593594
aliases:
594595
- CVE-2023-49796
595596
- GHSA-crhp-7c74-cg4c
@@ -598,7 +599,7 @@ details: MindsDB connects artificial intelligence models to real time data. Vers
598599
should use MindsDB's `staging` branch or v23.11.4.1, which contain a fix for the
599600
issue.
600601
id: PYSEC-2023-278
601-
modified: '2026-02-25T10:47:20.007476Z'
602+
modified: '2026-03-03T16:29:37.448520Z'
602603
published: '2023-12-11T21:15:00Z'
603604
references:
604605
- type: ADVISORY

vulns/mindsdb/PYSEC-2024-82.yaml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -183,13 +183,14 @@ affected:
183183
- 26.0.0rc2
184184
- 26.0.0rc3
185185
- 26.0.0
186+
- 26.0.1
186187
aliases:
187188
- CVE-2024-45852
188189
details: Deserialization of untrusted data can occur in versions 23.3.2.0 and newer
189190
of the MindsDB platform, enabling a maliciously uploaded model to run arbitrary
190191
code on the server when interacted with.
191192
id: PYSEC-2024-82
192-
modified: '2026-02-25T10:47:20.150040Z'
193+
modified: '2026-03-03T16:29:37.563380Z'
193194
published: '2024-09-12T13:15:00Z'
194195
references:
195196
- type: EVIDENCE

vulns/mindsdb/PYSEC-2024-83.yaml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -143,13 +143,14 @@ affected:
143143
- 26.0.0rc2
144144
- 26.0.0rc3
145145
- 26.0.0
146+
- 26.0.1
146147
aliases:
147148
- CVE-2024-45853
148149
details: "Deserialization of untrusted data can occur in versions 23.10.2.0 and newer\
149150
\ of the MindsDB platform, enabling a maliciously uploaded \u2018inhouse\u2019 model\
150151
\ to run arbitrary code on the server when used for a prediction."
151152
id: PYSEC-2024-83
152-
modified: '2026-02-25T10:47:20.277592Z'
153+
modified: '2026-03-03T16:29:37.662671Z'
153154
published: '2024-09-12T13:15:00Z'
154155
references:
155156
- type: EVIDENCE

vulns/mindsdb/PYSEC-2024-84.yaml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -142,14 +142,15 @@ affected:
142142
- 26.0.0rc2
143143
- 26.0.0rc3
144144
- 26.0.0
145+
- 26.0.1
145146
aliases:
146147
- CVE-2024-45854
147148
details: "Deserialization of untrusted data can occur in versions 23.10.3.0 and newer\
148149
\ of the MindsDB platform, enabling a maliciously uploaded \u2018inhouse\u2019 model\
149150
\ to run arbitrary code on the server when a \u2018describe\u2019 query is run on\
150151
\ it."
151152
id: PYSEC-2024-84
152-
modified: '2026-02-25T10:47:20.405923Z'
153+
modified: '2026-03-03T16:29:37.756762Z'
153154
published: '2024-09-12T13:15:00Z'
154155
references:
155156
- type: EVIDENCE

vulns/mindsdb/PYSEC-2024-85.yaml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -143,13 +143,14 @@ affected:
143143
- 26.0.0rc2
144144
- 26.0.0rc3
145145
- 26.0.0
146+
- 26.0.1
146147
aliases:
147148
- CVE-2024-45855
148149
details: "Deserialization of untrusted data can occur in versions 23.10.2.0 and newer\
149150
\ of the MindsDB platform, enabling a maliciously uploaded \u2018inhouse\u2019 model\
150151
\ to run arbitrary code on the server when using \u2018finetune\u2019 on it."
151152
id: PYSEC-2024-85
152-
modified: '2026-02-25T10:47:20.527736Z'
153+
modified: '2026-03-03T16:29:37.848846Z'
153154
published: '2024-09-12T13:15:00Z'
154155
references:
155156
- type: EVIDENCE

0 commit comments

Comments
 (0)