Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.2
CVE-2026-27482
- EPSS 0.04%
- Veröffentlicht 21.02.2026 09:18:26
- Zuletzt bearbeitet 24.02.2026 16:54:46
Ray is an AI compute engine. In versions 2.53.0 and below, thedashboard HTTP server blocks browser-origin POST/PUT but does not cover DELETE, and key DELETE endpoints are unauthenticated by default. If the dashboard/agent is reachable (e.g., --dashbo...
9.1
CVE-2023-48023
- EPSS 89.19%
- Veröffentlicht 28.11.2023 08:15:07
- Zuletzt bearbeitet 21.11.2024 08:31:00
Anyscale Ray 2.6.3 and 2.8.0 allows /log_proxy SSRF. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment
9.8
CVE-2023-48022
- EPSS 91.77%
- Veröffentlicht 28.11.2023 08:15:06
- Zuletzt bearbeitet 17.12.2025 17:15:47
Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of ...
1