Lucene search
PRIOn knowledge basePRION:CVE-2023-48022HistoryNov 28, 2023 - 8:15 a.m.
Code injection
2023-11-2808:15:00
PRIOn knowledge base
www.prio-n.com
8
code injection
anyscale ray
remote attacker
arbitrary code execution
api vulnerability
network environment
Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor’s position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment
Related
cvelist
cvelist
CVE-2023-48022
2023-11-28 00:00:00
CVE-2023-6021 Ray Log File Local File Include
2023-11-16 16:11:42
CVE-2023-6019 Ray Command Injection in cpu_profile Parameter
2023-11-16 16:12:07
nvd
nvd
cve
cve
nessus
nessus
Ray Dashboard Job RCE (CVE-2023-48022)
2024-04-19 00:00:00
githubexploit
githubexploit
Exploit for Server-Side Request Forgery in Anyscale Ray
2024-01-10 06:26:01
Exploit for Server-Side Request Forgery in Anyscale Ray
2024-03-29 09:54:31
osv
osv
Ray Path Traversal vulnerability
2023-11-16 18:30:31
Ray Missing Authorization vulnerability
2023-11-16 21:30:46
github
github
Ray Path Traversal vulnerability
2023-11-16 18:30:31
Ray Missing Authorization vulnerability
2023-11-16 21:30:46
prion
prion
Command injection
2023-11-16 17:15:00
Authentication flaw
2023-11-16 17:15:00
thn
thn