2 matches found
Ray Operating System Command Injection Vulnerability
Ray is a unified framework for scaling AI and Python applications open-sourced by ray-project. Ray suffers from an OS command injection vulnerability that stems from a command injection vulnerability in the cpuprofile URL parameter. An attacker can exploit this vulnerability to run the Ray...
PT-2023-8891
Name of the Vulnerable Software and Affected Versions Ray versions affected versions not specified Description The issue exists due to the lack of neutralization of special elements used in operating system commands. This allows a remote attacker to execute arbitrary commands using specially...