mage-ai@0.9.75 vulnerabilities
Mage is a tool for building and deploying data pipelines.
latest version
0.9.75
first published
2 years ago
latest version published
15 days ago
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the mage-ai package. This does not include vulnerabilities belonging to this package’s dependencies.
How to fix?
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
mage-ai is a Mage is a tool for building and deploying data pipelines. Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to the incorrect privilege assignment to guest users who remain logged in after their accounts are deleted. An attacker can execute arbitrary code remotely by accessing the Mage AI terminal server. How to fix Incorrect Privilege Assignment? There is no fixed version for | [0,) |
mage-ai is a Mage is a tool for building and deploying data pipelines. Affected versions of this package are vulnerable to Directory Traversal via the How to fix Directory Traversal? There is no fixed version for | [0,) |
mage-ai is a Mage is a tool for building and deploying data pipelines. Affected versions of this package are vulnerable to Directory Traversal via the How to fix Directory Traversal? There is no fixed version for | [0,) |
mage-ai is a Mage is a tool for building and deploying data pipelines. Affected versions of this package are vulnerable to Path Traversal via the How to fix Path Traversal? There is no fixed version for | [0,) |
mage-ai is a Mage is a tool for building and deploying data pipelines. Affected versions of this package are vulnerable to Information Exposure through the terminal server command history retrieval process. An attacker can obtain sensitive information by exploiting the lack of proper access controls. How to fix Information Exposure? There is no fixed version for | [0,) |