Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Arbitrary File Write when Extracting a Remotely retrieved Tarball in mindsdb/mindsdb
Vulnerability Description
mindsdb is a Machine Learning platform to help developers build AI solutions. In affected versions an unsafe extraction is being performed using `tarfile.extractall()` from a remotely retrieved tarball. Which may lead to the writing of the extracted files to an unintended location. Sometimes, the vulnerability is called a TarSlip or a ZipSlip variant. An attacker may leverage this vulnerability to overwrite any local file which the server process has access to. There is no risk of file exposure with this vulnerability. This issue has been addressed in release `23.2.1.0 `. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
MindsDB 路径遍历漏洞
Vulnerability Description
MindsDB是MindsDB公司的一个新兴的低代码机器学习平台。 MindsDB v23.1.5.0版本及之前版本存在路径遍历漏洞,该漏洞源于使用tarfile.extractall()从远程检索的tarball中执行不安全的提取,导致将提取的文件写入非预期位置。攻击者利用改漏洞可以覆盖服务器进程有权访问的任何本地文件。
CVSS Information
N/A
Vulnerability Type
N/A