mage-ai
condav0.8.44Mage is an open-source tool for building and running data pipelines that transform your data.
License Apache-2.0permissive40 versions1 maintainers0 deps464 weekly dl
mage-ai/mage-ai37
/ 100
Health
update required
[email protected] has vulnerabilities — update to latest
Update to >= 0.8.72 to fix known vulnerabilities
- Low health score (37/100)
- 1 high severity vulnerabilities
Health breakdown0 – 100
5/25
maintenance
3/20
popularity
10/25
security
12/15
maturity
7/15
community
Vulnerabilities
7
1 high5 medium1 low
Advisories (7)
| Severity | ID | Summary | Fixed in |
|---|---|---|---|
| medium | CVE-2024-45190 | Mage AI Path Traversal vulnerability | — |
| high | CVE-2023-31143 | Mage-ai missing user authentication | 0.8.72 |
| medium | CVE-2024-8072 | Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users | — |
| medium | CVE-2024-45189 | Mage AI Path Traversal vulnerability | — |
| medium | CVE-2024-45187 | Mage AI incorrectly gives privileges to users with deleted accounts | — |
| medium | CVE-2024-45188 | Mage AI Path Traversal vulnerability | — |
| unknown | CVE-2023-31143 | mage-ai is an open-source data pipeline tool for transforming and integrating data. Those who use Mage starting in version 0.8.34 and prior to 0.8.72 with user authentication enabled may be affected by a vulnerability. The terminal could be accessed by users who are not signed in or do not have editor permissions. Version 0.8.72 contains a fix for this issue. | 0.8.72 |
Health History
Dependency Tree
License Audit
API access
Get this data programmatically — free, no authentication.
curl https://depscope.dev/api/check/conda/mage-aiFirst published · 2022-09-29 18:01:24.701000+00:00
Last updated · 2025-04-22 14:58:27.155000+00:00