CVE-2024-45848 | MindsDB up to 24.7.4.0 ChromaDB Integration neutralization of directives

Inserito da Angelo Barbosa | Set 12, 2024 | CVE

A vulnerability classified as critical was found in MindsDB up to 24.7.4.0. This vulnerability affects unknown code of the component ChromaDB Integration. The manipulation leads to improper neutralization of directives in dynamically evaluated code (‘eval injection’).

This vulnerability was named CVE-2024-45848. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45848 | MindsDB up to 24.7.4.0 ChromaDB Integration neutralization of directives

Post correlati

CVE-2023-41177 | Trend Micro Mobile Security for Enterprise ServerUpdate_UpdateSuccessful cross site scripting

CVE-2023-52717 | Huawei HarmonyOS/EMUI Lock Screen Module permission

CVE-2024-0879 | Mintplex-Labs vector-admin prior a581b8177dd6be719a5ef6d3ce4b1e939636bb41 Domain Restriction improper authentication

CVE-2024-2097 | Hitachi Energy MACH SCM up to 4.38 LINQ Query access control