MindsDB@23.3.3.5 vulnerabilities

MindsDB is a MindsDB server, provides server capabilities to mindsdb native python library

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) whenever another user enumerates unsanitized items within the UI. An attacker can execute arbitrary JavaScript code by injecting malicious scripts into the input fields.

There is no fixed version for MindsDB.

MindsDB is a MindsDB server, provides server capabilities to mindsdb native python library

Affected versions of this package are vulnerable to Deserialization of Untrusted Data through the deserialization process within the decode function of the mindsdb/integrations/handlers/byom_handler/proc_wrapper.py file, which will perform a pickle.loads on a custom model built via the Build Your Own Model process. An attacker can execute arbitrary code on the server.

There is no fixed version for MindsDB.

MindsDB is a MindsDB server, provides server capabilities to mindsdb native python library

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) through the is_private_url function. An attacker can manipulate DNS responses to redirect traffic to malicious sites or local IP addresses by exploiting the DNS rebinding technique.

Upgrade MindsDB to version 23.12.4.2 or higher.

MindsDB is a MindsDB server, provides server capabilities to mindsdb native python library

Affected versions of this package are vulnerable to Cross-site Scripting due to improper sanitization of user-supplied input. An attacker can inject malicious scripts into web pages viewed by other users.

Note: This is true for both cloud version and OSS version.

There is no fixed version for MindsDB.

MindsDB is a MindsDB server, provides server capabilities to mindsdb native python library

Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties. An attacker can write arbitrary files to the system by exploiting insufficient validation of user-supplied input.

Upgrade MindsDB to version 23.11.4.1 or higher.

MindsDB is a MindsDB server, provides server capabilities to mindsdb native python library

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the put method in mindsdb/mindsdb/api/http/namespaces/file.py file. An attacker can disclose sensitive information and potentially interact with internal systems by sending crafted requests.

Upgrade MindsDB to version 23.11.4.0 or higher.

MindsDB is a MindsDB server, provides server capabilities to mindsdb native python library

Affected versions of this package are vulnerable to Improper Certificate Validation due to explicitly disabling SSL certificate verification by using verify=False. SSL certificate checks are disabled, and the application is not verifying the authenticity of the SSL certificate presented by the server.

Upgrade MindsDB to version 23.7.4.0 or higher.

MindsDB is a MindsDB server, provides server capabilities to mindsdb native python library

Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) due to an unsafe extraction which is performed using the shutil.unpack_archive() function from a remotely retrieved tarball. This can lead to the writing of the extracted files to an unintended location.

There is no fixed version for MindsDB.