CVE-2024-45855 - MindsDB Deserialization Code Execution Vulnerability
CVE ID : CVE-2024-45855 Published : Sept. 12, 2024, 1:15 p.m. | 1 hour, 29 minutes ago Description : Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsDB platform, enabling a maliciously uploaded ‘inhouse’ model to run arbitrary code on the server when using ‘finetune’ on it. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-45855
Published : Sept. 12, 2024, 1:15 p.m. | 1 hour, 29 minutes ago
Description : Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsDB platform, enabling a maliciously uploaded ‘inhouse’ model to run arbitrary code on the server when using ‘finetune’ on it.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Sept. 12, 2024, 1:15 p.m. | 1 hour, 29 minutes ago
Description : Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsDB platform, enabling a maliciously uploaded ‘inhouse’ model to run arbitrary code on the server when using ‘finetune’ on it.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
