Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-k6m1-mehq-pbez
SummaryAn arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an ‘INSERT’ query can be used for site column creation. If such a query is specially crafted to contain Python code and is run against the database, the code will be passed to an eval function and executed on the server.
Aliases
0
alias CVE-2024-45850
1
alias PYSEC-2024-80
Fixed_packages
0
url pkg:pypi/mindsdb@24.7.4.1
purl pkg:pypi/mindsdb@24.7.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-stp6-86fa-cubn
1
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.7.4.1
Affected_packages
0
url pkg:pypi/mindsdb@23.10.5.0
purl pkg:pypi/mindsdb@23.10.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-jzag-uvvs-3fca
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-qv2m-udp6-6fb8
6
vulnerability VCID-stp6-86fa-cubn
7
vulnerability VCID-uab9-6bgh-efct
8
vulnerability VCID-vuny-bz3z-kfg4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@23.10.5.0
1
url pkg:pypi/mindsdb@23.11.1.0
purl pkg:pypi/mindsdb@23.11.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-jzag-uvvs-3fca
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-qv2m-udp6-6fb8
6
vulnerability VCID-stp6-86fa-cubn
7
vulnerability VCID-uab9-6bgh-efct
8
vulnerability VCID-vuny-bz3z-kfg4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@23.11.1.0
2
url pkg:pypi/mindsdb@23.11.4.0
purl pkg:pypi/mindsdb@23.11.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-jzag-uvvs-3fca
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-qv2m-udp6-6fb8
6
vulnerability VCID-stp6-86fa-cubn
7
vulnerability VCID-uab9-6bgh-efct
8
vulnerability VCID-vuny-bz3z-kfg4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@23.11.4.0
3
url pkg:pypi/mindsdb@23.11.4.1
purl pkg:pypi/mindsdb@23.11.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-jzag-uvvs-3fca
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@23.11.4.1
4
url pkg:pypi/mindsdb@23.11.4.4a6
purl pkg:pypi/mindsdb@23.11.4.4a6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-jzag-uvvs-3fca
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@23.11.4.4a6
5
url pkg:pypi/mindsdb@23.12.4.0
purl pkg:pypi/mindsdb@23.12.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-jzag-uvvs-3fca
4
vulnerability VCID-k6m1-mehq-pbez
5
vulnerability VCID-kttw-x13y-b3fj
6
vulnerability VCID-stp6-86fa-cubn
7
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@23.12.4.0
6
url pkg:pypi/mindsdb@23.12.4.1
purl pkg:pypi/mindsdb@23.12.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-jzag-uvvs-3fca
4
vulnerability VCID-k6m1-mehq-pbez
5
vulnerability VCID-kttw-x13y-b3fj
6
vulnerability VCID-stp6-86fa-cubn
7
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@23.12.4.1
7
url pkg:pypi/mindsdb@23.12.4.2
purl pkg:pypi/mindsdb@23.12.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@23.12.4.2
8
url pkg:pypi/mindsdb@24.1.4.0
purl pkg:pypi/mindsdb@24.1.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.1.4.0
9
url pkg:pypi/mindsdb@24.2.3.0
purl pkg:pypi/mindsdb@24.2.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.2.3.0
10
url pkg:pypi/mindsdb@24.3.4.0
purl pkg:pypi/mindsdb@24.3.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.3.4.0
11
url pkg:pypi/mindsdb@24.3.4.1
purl pkg:pypi/mindsdb@24.3.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.3.4.1
12
url pkg:pypi/mindsdb@24.3.4.2
purl pkg:pypi/mindsdb@24.3.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.3.4.2
13
url pkg:pypi/mindsdb@24.3.5.0
purl pkg:pypi/mindsdb@24.3.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.3.5.0
14
url pkg:pypi/mindsdb@24.4.2.0
purl pkg:pypi/mindsdb@24.4.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.4.2.0
15
url pkg:pypi/mindsdb@24.4.2.1
purl pkg:pypi/mindsdb@24.4.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.4.2.1
16
url pkg:pypi/mindsdb@24.4.3.0
purl pkg:pypi/mindsdb@24.4.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.4.3.0
17
url pkg:pypi/mindsdb@24.5.4.0
purl pkg:pypi/mindsdb@24.5.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.5.4.0
18
url pkg:pypi/mindsdb@24.6.1.0
purl pkg:pypi/mindsdb@24.6.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.6.1.0
19
url pkg:pypi/mindsdb@24.6.1.1
purl pkg:pypi/mindsdb@24.6.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.6.1.1
20
url pkg:pypi/mindsdb@24.6.2.0
purl pkg:pypi/mindsdb@24.6.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.6.2.0
21
url pkg:pypi/mindsdb@24.6.2.2
purl pkg:pypi/mindsdb@24.6.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.6.2.2
22
url pkg:pypi/mindsdb@24.6.3.0
purl pkg:pypi/mindsdb@24.6.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.6.3.0
23
url pkg:pypi/mindsdb@24.6.3.1
purl pkg:pypi/mindsdb@24.6.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.6.3.1
24
url pkg:pypi/mindsdb@24.6.4.1
purl pkg:pypi/mindsdb@24.6.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.6.4.1
25
url pkg:pypi/mindsdb@24.7.1.0
purl pkg:pypi/mindsdb@24.7.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.7.1.0
26
url pkg:pypi/mindsdb@24.7.2.0
purl pkg:pypi/mindsdb@24.7.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.7.2.0
27
url pkg:pypi/mindsdb@24.7.3.0
purl pkg:pypi/mindsdb@24.7.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.7.3.0
28
url pkg:pypi/mindsdb@24.7.4.0
purl pkg:pypi/mindsdb@24.7.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ba2s-8e42-7ucs
1
vulnerability VCID-d1sm-yyqm-fug8
2
vulnerability VCID-fjec-rvym-t3f1
3
vulnerability VCID-k6m1-mehq-pbez
4
vulnerability VCID-kttw-x13y-b3fj
5
vulnerability VCID-stp6-86fa-cubn
6
vulnerability VCID-uab9-6bgh-efct
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mindsdb@24.7.4.0
References
0
reference_url https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb/
Weaknesses
Exploits
Severity_range_score8.8 - 8.8
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-k6m1-mehq-pbez