130 matches found
GHSA-5M98-QGG9-WH84 vulnerabilities
Vulnerabilities for packages: checkov, dask-gateway, kserve...
CVE-2024-30251 vulnerabilities
Vulnerabilities for packages: nemo, dask-gateway, checkov, kserve, py3.13-scanner-test-libraries-aiohttp...
CVE-2024-30251 vulnerabilities
Vulnerabilities for packages: checkov, dask-gateway, kserve...
CVE-2023-43804 vulnerabilities
Vulnerabilities for packages: kube-downscaler, kubeflow-jupyter-web-app, dask-gateway, k8s-sidecar, py3.13-scanner-test-libraries, py3-urllib3, kubeflow-volumes-web-app...
GHSA-V845-JXX5-VC9F vulnerabilities
Vulnerabilities for packages: kube-downscaler, kubeflow-jupyter-web-app, dask-gateway, k8s-sidecar, py3.13-scanner-test-libraries, py3-urllib3, kubeflow-volumes-web-app...
SUSE CVE-2021-42343
An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...
Workers for local Dask clusters mistakenly listened on public interfaces
Versions of distributed earlier than 2021.10.0 had a potential security vulnerability relating to single-machine Dask clusters. Clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask...
GHSA-HWQR-F3V9-HWXR Workers for local Dask clusters mistakenly listened on public interfaces
Versions of distributed earlier than 2021.10.0 had a potential security vulnerability relating to single-machine Dask clusters. Clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask...
GHSA-J8FQ-86C5-5V2R Duplicate Advisory: Remote code execution in dask
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hwqr-f3v9-hwxr. This link is maintained to preserve external references. Original Description An issue was discovered in Dask aka python-dask through 2021.09.1. Single machine Dask clusters started with...
Duplicate Advisory: Remote code execution in dask
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hwqr-f3v9-hwxr. This link is maintained to preserve external references. Original Description An issue was discovered in Dask aka python-dask through 2021.09.1. Single machine Dask clusters started with...
Remote Code Execution (RCE)
dask is vulnerable to remote code executionRCE attacks. Dask workers are able to listen to external interfaces with a randomly selected high port rather than only on localhost, when a dask cluster is mistakenly configured and started with dask.distributed.LocalCluster or dask.distributed.Client. ...
CVE-2021-42343
An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...
DEBIAN-CVE-2021-42343
An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...
CVE-2021-42343
An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...
UBUNTU-CVE-2021-42343
An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...
Remote code execution
An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...
PYSEC-2021-387
An issue was discovered in Dask aka python-dask through 2021.09.1. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on external interfaces...
cdp-backend (>=3.0.0.dev4 <=3.0.0.dev5), cellphonedbu (>=1.1.1.5 <=1.1.1.7) +13 more potentially affected by CVE-2021-42343 via dask (>=1.0.0 <=2020.12.0)
dask PYPI version =1.0.0, =3.0.0.dev4, =1.1.1.5, =2.15.0, =0.5.0, =0.6.7, =0.1.0, =9.1.2, =0.1.0, =0.5.0, =0.1.263611229, =2.1.1, =2.3.2 - water-masses =2021.1.0a1 Source cves: CVE-2021-42343 Source advisory: OSV:PYSEC-2021-387...
PYSEC-2021-871
An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...
PYSEC-2021-872
Withdrawn as duplicate of PYSEC-2021-871. An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their...