VYPR
Moderate severityNVD Advisory· Published Dec 11, 2023· Updated Aug 2, 2024

MindsDB Server-Side Request Forgery vulnerability

CVE-2023-49795

Description

MindsDB connects artificial intelligence models to real time data. Versions prior to 23.11.4.1 contain a server-side request forgery vulnerability in file.py. This can lead to limited information disclosure. Users should use MindsDB's staging branch or v23.11.4.1, which contain a fix for the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
mindsdbPyPI
< 23.11.4.123.11.4.1

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.