1 matches found
GHSA-6CXR-8Q3M-JWRR Ray Missing Authorization vulnerability
LFI in Ray's /static/ directory allows attackers to read any file on the server without authentication. The issue is fixed in version 2.8.1+. Ray maintainers response can be found here:...