Lucene search
+L

130 matches found

wolfi
wolfi
added 2024/05/03 5:29 p.m.17 views

GHSA-5M98-QGG9-WH84 vulnerabilities

Vulnerabilities for packages: checkov, dask-gateway, kserve...

6.1AI score
Exploits0
cgr
cgr
added 2024/05/02 2:15 p.m.38 views

CVE-2024-30251 vulnerabilities

Vulnerabilities for packages: nemo, dask-gateway, checkov, kserve, py3.13-scanner-test-libraries-aiohttp...

7.5CVSS6.7AI score0.01094EPSS
Exploits0
wolfi
wolfi
added 2024/05/02 2:15 p.m.76 views

CVE-2024-30251 vulnerabilities

Vulnerabilities for packages: checkov, dask-gateway, kserve...

7.5CVSS6.7AI score0.01094EPSS
Exploits0
cgr
cgr
added 2023/10/04 5:15 p.m.75 views

CVE-2023-43804 vulnerabilities

Vulnerabilities for packages: kube-downscaler, kubeflow-jupyter-web-app, dask-gateway, k8s-sidecar, py3.13-scanner-test-libraries, py3-urllib3, kubeflow-volumes-web-app...

8.1CVSS6.7AI score0.01207EPSS
Exploits0
cgr
cgr
added 2023/10/02 11:27 p.m.148 views

GHSA-V845-JXX5-VC9F vulnerabilities

Vulnerabilities for packages: kube-downscaler, kubeflow-jupyter-web-app, dask-gateway, k8s-sidecar, py3.13-scanner-test-libraries, py3-urllib3, kubeflow-volumes-web-app...

6.1AI score
Exploits0
susecve
susecve
added 2023/02/15 3:37 a.m.4 views

SUSE CVE-2021-42343

An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...

9.8CVSS9.6AI score0.02876EPSS
Exploits0References3
github
github
added 2022/07/15 9:56 p.m.45 views

Workers for local Dask clusters mistakenly listened on public interfaces

Versions of distributed earlier than 2021.10.0 had a potential security vulnerability relating to single-machine Dask clusters. Clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask...

9.8CVSS2.8AI score0.02876EPSS
Exploits0References9Affected Software1
osv
osv
added 2022/07/15 9:56 p.m.20 views

GHSA-HWQR-F3V9-HWXR Workers for local Dask clusters mistakenly listened on public interfaces

Versions of distributed earlier than 2021.10.0 had a potential security vulnerability relating to single-machine Dask clusters. Clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask...

9.8CVSS9.6AI score0.02876EPSS
Exploits0References9
osv
osv
added 2021/10/27 6:53 p.m.24 views

GHSA-J8FQ-86C5-5V2R Duplicate Advisory: Remote code execution in dask

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hwqr-f3v9-hwxr. This link is maintained to preserve external references. Original Description An issue was discovered in Dask aka python-dask through 2021.09.1. Single machine Dask clusters started with...

9.8CVSS8.5AI score0.02876EPSS
Exploits0References9
github
github
added 2021/10/27 6:53 p.m.50 views

Duplicate Advisory: Remote code execution in dask

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hwqr-f3v9-hwxr. This link is maintained to preserve external references. Original Description An issue was discovered in Dask aka python-dask through 2021.09.1. Single machine Dask clusters started with...

9.8CVSS8.5AI score0.02876EPSS
Exploits0References8Affected Software1
veracode
veracode
added 2021/10/27 9:49 a.m.26 views

Remote Code Execution (RCE)

dask is vulnerable to remote code executionRCE attacks. Dask workers are able to listen to external interfaces with a randomly selected high port rather than only on localhost, when a dask cluster is mistakenly configured and started with dask.distributed.LocalCluster or dask.distributed.Client. ...

9.8CVSS4.1AI score0.02876EPSS
Exploits0References3Affected Software2
nvd
nvd
added 2021/10/26 11:15 a.m.16 views

CVE-2021-42343

An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...

9.8CVSS0.02876EPSS
Exploits0References3
osv
osv
added 2021/10/26 11:15 a.m.3 views

DEBIAN-CVE-2021-42343

An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...

9.8CVSS8.8AI score0.02876EPSS
Exploits0References1
osv
osv
added 2021/10/26 11:15 a.m.16 views

CVE-2021-42343

An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...

9.8CVSS9.7AI score
Exploits0References3
osv
osv
added 2021/10/26 11:15 a.m.4 views

UBUNTU-CVE-2021-42343

An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...

9.8CVSS7.5AI score0.02876EPSS
Exploits0References2
prion
prion
added 2021/10/26 11:15 a.m.21 views

Remote code execution

An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...

6.8CVSS9.6AI score0.02876EPSS
Exploits0References3Affected Software1
pypa
pypa
added 2021/10/26 11:15 a.m.7 views

PYSEC-2021-387

An issue was discovered in Dask aka python-dask through 2021.09.1. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on external interfaces...

9.8CVSS7.6AI score0.02876EPSS
Exploits0References3Affected Software1
vulnersosv
vulnersosv
added 2021/10/26 11:15 a.m.5 views

cdp-backend (>=3.0.0.dev4 <=3.0.0.dev5), cellphonedbu (>=1.1.1.5 <=1.1.1.7) +13 more potentially affected by CVE-2021-42343 via dask (>=1.0.0 <=2020.12.0)

dask PYPI version =1.0.0, =3.0.0.dev4, =1.1.1.5, =2.15.0, =0.5.0, =0.6.7, =0.1.0, =9.1.2, =0.1.0, =0.5.0, =0.1.263611229, =2.1.1, =2.3.2 - water-masses =2021.1.0a1 Source cves: CVE-2021-42343 Source advisory: OSV:PYSEC-2021-387...

9.8CVSS7.2AI score0.02876EPSS
Exploits0
pypa
pypa
added 2021/10/26 11:15 a.m.5 views

PYSEC-2021-871

An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...

9.8CVSS7.6AI score0.02876EPSS
Exploits0References5Affected Software1
pypa
pypa
added 2021/10/26 11:15 a.m.3 views

PYSEC-2021-872

Withdrawn as duplicate of PYSEC-2021-871. An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their...

9.8CVSS7.5AI score0.02876EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder