{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T06:32:39.089","vulnerabilities":[{"cve":{"id":"CVE-2024-24759","sourceIdentifier":"security-advisories@github.com","published":"2024-09-05T17:15:12.380","lastModified":"2024-09-06T13:06:18.623","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 23.12.4.2, a threat actor can bypass the server-side request forgery protection on the whole website with DNS Rebinding. The vulnerability can also lead to denial of service. Version 23.12.4.2 contains a patch."},{"lang":"es","value":"MindsDB es una plataforma para crear inteligencia artificial a partir de datos empresariales. Antes de la versión 23.12.4.2, un actor de amenazas podía eludir la protección contra falsificación de solicitudes del lado del servidor en todo el sitio web con DNS Rebinding. La vulnerabilidad también puede provocar una denegación de servicio. La versión 23.12.4.2 contiene un parche."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mindsdb:mindsdb:*:*:*:*:*:*:*:*","versionEndExcluding":"23.12.4.2","matchCriteriaId":"7466EAB9-6E4E-482B-91AF-D4150D6DF97C"}]}]}],"references":[{"url":"https://github.com/mindsdb/mindsdb/commit/5f7496481bd3db1d06a2d2e62c0dce960a1fe12b","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/mindsdb/mindsdb/security/advisories/GHSA-4jcv-vp96-94xr","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]}]}}]}