High severity · NVD Advisory · Published Sep 12, 2024 · Updated Sep 12, 2024
CVE-2024-45850
Description
An arbitrary code execution vulnerability exists in the MindsDB platform from version 23.10.5.0 up to, but not including, 24.7.4.1 when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an INSERT query is the way site columns are created. If such a query is crafted so that a value contains Python code and is run against the database, that string is handed to Python's built-in eval() by the SharePoint handler and executed on the server with the privileges of the MindsDB process. The fix, commit 11a4db79, replaces eval with ast.literal_eval in the SharePoint handler and makes the same replacement in the ChromaDB, Weaviate and generic vector-database handlers, which used the same pattern on strings taken from query values.
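The eval-versus-literal_eval behaviour the description refers to, as an added example that is not MindsDB's code: a hypothetical parse function standing in for the handler parameter (such as `text` in create_a_site_column) that receives the INSERT-supplied string, shown in its vulnerable form beside a hardened form that also adds the checks the patch itself does not. The column-spec strings, the CANARY side-effect marker and the MAX_SPEC_LEN cap are constructed for the demonstration and are not from the project.

```python
import ast
from typing import Any, Callable, Dict

# Constructed inputs (not MindsDB data) standing in for the string that an
# INSERT against a SharePoint-engine database hands to a handler parameter.
# The attacker fully controls this text.
BENIGN_SPEC = "{'allowMultipleLines': False, 'maxLength': 255}"

# Side-effect marker so the demo can prove code ran without doing anything
# harmful: a real payload would import os/subprocess here instead.
CANARY = {"hits": 0}

# Under eval() this is a real function call on the server; it returns an int.
CALL_SPEC = "__import__('os').getpid()"

# The same capability hidden inside a spec that evaluates to a perfectly
# ordinary-looking dict, so the caller cannot tell code ran from the result.
NESTED_CALL_SPEC = "{'maxLength': CANARY.__setitem__('hits', CANARY['hits'] + 1) or 255}"

LIST_SPEC = "[1, 2, 3]"          # a literal, but not the dict the API expects
BROKEN_SPEC = "{'maxLength': "   # not parseable at all

# Assumption for this example: column specs are small. Capping the size
# before parsing matters because ast.literal_eval is recursive and the Python
# docs warn it can crash the interpreter on very large or deeply nested input.
MAX_SPEC_LEN = 4096


def parse_spec_vulnerable(text: str) -> Any:
    """Pre-fix behaviour: attacker text goes straight to eval()."""
    return eval(text)  # deliberately unsafe: the 'before' side of the patch


def parse_spec_fixed(text: str) -> Dict[str, Any]:
    """Post-fix behaviour (ast.literal_eval) plus two checks the patch does
    not add: a size cap, and a type check so only a dict is accepted."""
    if not isinstance(text, str) or len(text) > MAX_SPEC_LEN:
        raise ValueError(f"column spec must be a string of at most {MAX_SPEC_LEN} bytes")
    try:
        # literal_eval accepts only literal syntax (strings, numbers, tuples,
        # lists, dicts, sets, booleans, None) and raises ValueError on any
        # call, name lookup, attribute access or operator it does not allow.
        value = ast.literal_eval(text)
    except (ValueError, SyntaxError, TypeError, MemoryError, RecursionError) as exc:
        raise ValueError(f"column spec is not a Python literal: {exc}") from None
    if not isinstance(value, dict):
        raise ValueError(f"column spec must be a dict, got {type(value).__name__}")
    return value


def outcome(parser: Callable[[str], Any], text: str) -> str:
    """Classify what a parser does with text: 'dict', 'non-dict' or 'rejected'."""
    try:
        value = parser(text)
    except (ValueError, SyntaxError, TypeError):
        return "rejected"
    return "dict" if isinstance(value, dict) else "non-dict"


if __name__ == "__main__":
    for name, spec in [("benign", BENIGN_SPEC), ("call", CALL_SPEC),
                       ("nested call", NESTED_CALL_SPEC), ("list", LIST_SPEC),
                       ("broken", BROKEN_SPEC)]:
        print(f"{name:12s} eval: {outcome(parse_spec_vulnerable, spec):9s} "
              f"literal_eval: {outcome(parse_spec_fixed, spec):9s} canary={CANARY['hits']}")
```

The nested case is the one worth remembering: eval() returns `{'maxLength': 255}`, exactly what a well-formed request would produce, while the canary shows the embedded call executed on the way. ast.literal_eval rejects that input outright, and the extra dict check rejects literals such as a list that literal_eval would otherwise pass through to the Graph API payload.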
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Ecosystem | Affected versions | Patched versions |
|---|---|---|---|
| mindsdb | PyPI | >= 23.10.5.0, < 24.7.4.1 | 24.7.4.1 |
Patches (1)
11a4db792ad3 Replace eval with literal_eval (#9533)
4 files changed · +10 −7
mindsdb/integrations/handlers/chromadb_handler/chromadb_handler.py+2 −1 modified@@ -1,3 +1,4 @@ +import ast import sys from typing import List, Optional @@ -329,7 +330,7 @@ def insert(self, table_name: str, data: pd.DataFrame): # ensure metadata is a dict, convert to dict if it is a string if data.get(TableField.METADATA.value) is not None: data[TableField.METADATA.value] = data[TableField.METADATA.value].apply( - lambda x: x if isinstance(x, dict) else eval(x) + lambda x: x if isinstance(x, dict) else ast.literal_eval(x) ) # convert to dict
mindsdb/integrations/handlers/sharepoint_handler/sharepoint_api.py+5 −4 modified@@ -1,3 +1,4 @@ +import ast from datetime import datetime, timezone from typing import Text, List, Dict, Any @@ -249,10 +250,10 @@ def create_a_list( url = f"https://graph.microsoft.com/v1.0/sites/{site_id}/lists/" payload = {} if column: - column = eval(column) + column = ast.literal_eval(column) payload["column"] = column payload["displayName"] = display_name - payload["list"] = eval(list_template) + payload["list"] = ast.literal_eval(list_template) create_an_entity(url=url, payload=payload, bearer_token=self.bearer_token) def get_site_columns_by_site( @@ -410,7 +411,7 @@ def create_a_site_column( url = f"https://graph.microsoft.com/v1.0/sites/{site_id}/columns/" payload = {} if text: - text = eval(text) + text = ast.literal_eval(text) payload["text"] = text payload["name"] = name if enforce_unique_values is not None: @@ -574,5 +575,5 @@ def create_an_item(self, site_id: str, list_id: str, fields: str) -> None: url = f"https://graph.microsoft.com/v1.0/sites/{site_id}/lists/{list_id}/items/" payload = {} if fields: - payload["fields"] = eval(fields) + payload["fields"] = ast.literal_eval(fields) create_an_entity(url=url, payload=payload, bearer_token=self.bearer_token)
mindsdb/integrations/handlers/weaviate_handler/weaviate_handler.py+2 −1 modified@@ -1,3 +1,4 @@ +import ast from datetime import datetime from typing import List, Optional @@ -335,7 +336,7 @@ def select( # assuming there would be only one vector based search per query vector_filter = vector_filter[0] near_vector = { - "vector": eval(vector_filter.value) + "vector": ast.literal_eval(vector_filter.value) if isinstance(vector_filter.value, str) else vector_filter.value }
mindsdb/integrations/libs/vectordatabase_handler.py+1 −1 modified@@ -242,7 +242,7 @@ def _dispatch_update(self, query: Update): if k == TableField.EMBEDDINGS.value and isinstance(v, str): # it could be embeddings in string try: - v = eval(v) + v = ast.literal_eval(v) except Exception: pass row[k] = v
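Review bot: in the chromadb_handler `insert` hunk the result of `ast.literal_eval(x)` is never checked to be a dict, although the comment directly above says "ensure metadata is a dict". `literal_eval` returns a list, tuple, number or None just as readily, and it raises `ValueError` or `SyntaxError` on anything that is not a literal; inside a pandas `apply` lambda that surfaces as an unhandled exception with no indication of which row was bad. Suggest moving the lambda into a small helper that parses, checks `isinstance(parsed, dict)` and raises a handler-level error naming the offending value.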
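Review bot: in the `create_a_list` hunk `column` is parsed only when truthy, but `list_template` is parsed unconditionally with `payload["list"] = ast.literal_eval(list_template)`, so an empty or `None` template fails inside the parser rather than with a message about the missing argument. Either guard it the same way (`if list_template:`) or document that it is required and validate it up front. Also worth saying explicitly in the commit or a comment that `literal_eval` removes code execution but does not validate that the parsed value is the dict Graph expects under `payload["list"]`.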
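Review bot: in the `create_a_site_column` hunk nothing catches the `ValueError`/`SyntaxError` that `ast.literal_eval(text)` raises on malformed input, so a bad INSERT now produces a raw Python traceback through the SQL layer instead of a handler error, and a non-dict literal such as `"[1, 2]"` is accepted and placed in `payload["text"]`. Suggest wrapping the parse, re-raising with a message that names the parameter, and checking `isinstance(text, dict)` before assigning it.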
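Review bot: the `create_an_item` hunk is the fourth place in this file that does the same parse, and each site handles (or fails to handle) errors on its own. Suggest one private helper, for example `_parse_literal_dict(value, param_name)`, that calls `ast.literal_eval`, converts parser exceptions to a single clear error and enforces the dict type, and have `create_a_list`, `create_a_site_column` and `create_an_item` all call it; that keeps the validation in one place when the next Graph wrapper is added.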
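Review bot: in the weaviate_handler `select` hunk `ast.literal_eval(vector_filter.value)` is still fed an unbounded, user-supplied string. The Python documentation warns that `literal_eval` can crash the interpreter on sufficiently large or deeply nested input because parsing is recursive, so a length cap on `vector_filter.value` before parsing, plus a check that the result is a flat list of numbers before it goes into `near_vector`, would close the remaining resource-exhaustion path that this change leaves open.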
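Review bot: the vectordatabase_handler hunk changes `eval(v)` to `ast.literal_eval(v)` but, unlike the other three files in this patch, adds no `import ast`. If `ast` is not already imported at the top of the file, the resulting `NameError` is swallowed by the surrounding bare `except Exception: pass` and `v` silently stays a string, so embedding updates would quietly degrade rather than fail. Please confirm the import exists, and consider narrowing the except to `(ValueError, SyntaxError)` so programming errors are not hidden.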
References
- github.com/advisories/GHSA-v6g6-3cm3-vf6c (advisory, via GHSA)
- nvd.nist.gov/vuln/detail/CVE-2024-45850 (advisory, via GHSA)
- github.com/mindsdb/mindsdb/commit/11a4db792ad36cf704f7307c7602128b17752c80 (fix commit, via GHSA)
- github.com/pypa/advisory-database/tree/main/vulns/mindsdb/PYSEC-2024-80.yaml (PyPA advisory database, via GHSA)
- hiddenlayer.com/sai-security-advisory/2024-09-mindsdb (HiddenLayer SAI advisory, via GHSA)
- hiddenlayer.com/sai-security-advisory/2024-09-mindsdb/mitre