130 matches found
GHSA-69F9-5GXW-WVC2 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, py3-cassandra-medusa, open-webui, kserve, checkov, dask-kubernetes...
CVE-2025-69228 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, py3-cassandra-medusa, open-webui, kserve, checkov, dask-kubernetes...
PT-2026-3268
Name of the Vulnerable Software and Affected Versions Dask distributed versions prior to 2026.1.0 Description When Jupyter Lab, jupyter-server-proxy, and Dask distributed are used together, a crafted URL can lead to code execution by Jupyter due to a cross-site scripting XSS issue in the Dask...
EUVD-2025-201887
Malicious code in raft-dask PyPI...
MAL-2025-192382 Malicious code in raft-dask (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 030a53a896f5df53ae7114349ea26d0d00d132929f557c6b16ce9e2cdb217a0d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in raft-dask (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 030a53a896f5df53ae7114349ea26d0d00d132929f557c6b16ce9e2cdb217a0d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
EUVD-2021-0050
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-42343
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or...
broad-dagster-utils (=2.0.0a7), dagit (>=0.5.1 <=1.10.15) +71 more potentially affected by CVE-2025-51481 via dagster (>=0.1.1 <=1.10.15)
dagster PYPI version =0.1.1, =0.5.1, =0.16.0, =0.5.4, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =1.0.0, =1.10.0, =1.0.0, =0.16.0, =0.26.15 and more Source cves: CVE-2025-51481 Source advisory: OSV:GHSA-H7X8-JV97-FVVM...
CVE-2025-53643 vulnerabilities
Vulnerabilities for packages: py3-cassandra-medusa, dask-kubernetes...
GHSA-9548-QRRJ-X5PJ vulnerabilities
Vulnerabilities for packages: py3-cassandra-medusa, dask-kubernetes...
CVE-2025-53643 vulnerabilities
Vulnerabilities for packages: py3-cassandra-medusa, request-1276, text-generation-inference, dask-kubernetes, airflow, airflow-core, py3.13-scanner-test-libraries-aiohttp, py3-vllm-cuda-12.4, apache-beam-python-3.11-sdk, py3.10-vllm-cuda-11.8...
GHSA-9548-QRRJ-X5PJ vulnerabilities
Vulnerabilities for packages: py3-cassandra-medusa, request-1276, text-generation-inference, dask-kubernetes, airflow, airflow-core, py3.13-scanner-test-libraries-aiohttp, py3-vllm-cuda-12.4, apache-beam-python-3.11-sdk, py3.10-vllm-cuda-11.8...
GHSA-XQGJ-R6XV-9CW4 Withdrawn Advisory: Dask Vulnerable to Command Injection
Withdrawn Advisory This advisory has been withdrawn because it describes intended functionality. This link is maintained to preserve external references. Original Description Dask versions =2024.8.2 contain a vulnerability in the Dask Distributed Server where the use of pickle serialization allow...
Withdrawn Advisory: Dask Vulnerable to Command Injection
Withdrawn Advisory This advisory has been withdrawn because it describes intended functionality. This link is maintained to preserve external references. Original Description Dask versions =2024.8.2 contain a vulnerability in the Dask Distributed Server where the use of pickle serialization allow...
CVE-2024-10096
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-10096
...
CVE-2024-10096
...
编号撤回
Dask is a parallel computing library with task scheduling from the Dask open source. This CVE number has been withdrawn...
GHSA-7WRW-R4P8-38RX vulnerabilities
Vulnerabilities for packages: confluent-common-docker, undock, kubewatch, opensearch-k8s-operator, tflint, nri-jmx, dask-gateway, openfga, prometheus-blackbox-exporter, kubernetes-replicator, http-echo, nri-cassandra, q, distribution, fscrypt, kube-logging-operator, aws-privateca-issuer,...