18 matches found
CVE-2024-40442
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via a crafted REST Request...
CVE-2024-40441
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via the modelattribs parameter...
CVE-2024-40441
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via the modelattribs parameter...
CVE-2024-40442
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via a crafted REST Request...
CVE-2024-40441
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via the modelattribs parameter...
CVE-2024-40442
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via a crafted REST Request...
PT-2024-28848 · Doccano · Doccano
Name of the Vulnerable Software and Affected Versions: Doccano Open source annotation tools for machine learning practitioners version 1.8.4 Doccano Auto Labeling Pipeline module to annotate a document automatically version 0.1.23 Description: The issue allows a remote attacker to escalate...
CVE-2024-40441
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via the modelattribs parameter...
CVE-2024-40442
CVE-2024-40442 affects Doccano open source annotation tools for ML practitioners (v1.8.4) and the Doccano Auto Labeling Pipeline module (v0.1.23). The issue allows a remote attacker to escalate privileges via a crafted REST request due to improper validation of REST endpoints, with impact describ...
Doccano 安全漏洞
doccano is an open source human text annotation tool from doccano open source. A security vulnerability exists in Doccano v1.8.4 and earlier versions. A remote attacker exploited the vulnerability to elevate privileges via the modelattribs parameter...
CVE-2024-40442
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via a crafted REST Request...
CVE-2024-40442
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via a crafted REST Request...
CVE-2024-40441
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via the modelattribs parameter...
Doccano 安全漏洞
doccano is an open source human text annotation tool from doccano open source. A security vulnerability exists in Doccano v1.8.4 and earlier versions. A remote attacker exploited the vulnerability to elevate privileges via a specially crafted REST request...
PT-2024-28849 · Unknown +1 · Doccano Auto Labeling Pipeline +1
Name of the Vulnerable Software and Affected Versions: Doccano Open source annotation tools for machine learning practitioners version 1.8.4 Doccano Auto Labeling Pipeline module version 0.1.23 Description: An issue in the affected software allows a remote attacker to escalate privileges via a...
CVE-2024-40441
CVE-2024-40441 describes a privilege-escalation flaw in Doccano’s open‑source tooling: the Doccano Open Source Annotation Tools for ML practitioners (v1.8.4) and the Doccano Auto Labeling Pipeline (v0.1.23) mishandle the model_attribs parameter, enabling remote attackers to elevate privileges. Ro...
bashbuddy (>=0.2.0 <=0.2.1), boilerplate-x (>=0.1.1 <=0.2.8) +23 more potentially affected by CVE-2023-29374 via langchain (>=0.0.100 <=0.0.131)
langchain PYPI version =0.0.100, =0.2.0, =0.1.1, =0.0.0, =0.1.0, =0.0.1, =0.0.4, =10.9.15, =0.1.3, =0.3.0, =0.0.1, =0.0.13, =0.0.1, =0.0.40, =0.1.1, =0.0.1, =0.0.7 and more Source cves: CVE-2023-29374 Source advisory: OSV:GHSA-FPRP-P869-W6Q2...
celery-smartbase (>=0.3.1 <=0.3.3), doccano (>=1.6.0 <=1.8.0) +5 more potentially affected by CVE-2020-17495 via django-celery-results (>=2.2.0 <=2.3.1)
django-celery-results PYPI version =2.2.0, =0.3.1, =1.6.0, =3.3.3, =1.3.4.7, =1.0.3, =3.6.0, =3.7.3 - vmcenter =1.2.0rc3 Source cves: CVE-2020-17495 Source advisory: OSV:GHSA-FVX8-V524-8579...