Vulnerabilities (CVE)

Filtered by vendor Anyscale Subscribe
Filtered by product Ray
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-48023 1 Anyscale 1 Ray 2024-11-21 N/A 9.1 CRITICAL
Anyscale Ray 2.6.3 and 2.8.0 allows /log_proxy SSRF. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment
CVE-2023-48022 1 Anyscale 1 Ray 2024-11-21 N/A 9.8 CRITICAL
Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment