ray@2.11.0 vulnerabilities
Ray provides a simple, universal API for building distributed applications.
-
latest version
2.20.0
-
first published
7 years ago
-
latest version published
3 days ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the ray package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
ray is an A system for parallel and distributed Python that unifies the ML ecosystem. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) through the dashboard API, via the Notes: The maintainer's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment. The maintainers have made a verification tool available to check a deployment for vulnerability to this issue: https://github.com/ray-project/ray-open-ports-checker How to fix Server-side Request Forgery (SSRF)? There is no fixed version for |
[0,)
|