exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2023-38699

больше 2 лет назад

MindsDB's AI Virtual Database allows developers to connect any AI/ML model to any datasource. Prior to version 23.7.4.0, a call to requests with `verify=False` disables SSL certificate checks. This rule enforces always verifying SSL certificates for methods in the Requests library. In version 23.7.4.0, certificates are validated by default, which is the desired behavior.

CVSS3: 9.1

EPSS: Низкий

GHSA-8hx6-qv6f-xgcw

больше 2 лет назад

MindsDB can be made to not verify SSL certificates

CVSS3: 9.1

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2023-38699 MindsDB's AI Virtual Database allows developers to connect any AI/ML model to any datasource. Prior to version 23.7.4.0, a call to requests with `verify=False` disables SSL certificate checks. This rule enforces always verifying SSL certificates for methods in the Requests library. In version 23.7.4.0, certificates are validated by default, which is the desired behavior.	CVSS3: 9.1	0% Низкий	больше 2 лет назад
	GHSA-8hx6-qv6f-xgcw MindsDB can be made to not verify SSL certificates	CVSS3: 9.1	0% Низкий	больше 2 лет назад

Уязвимостей на страницу