ray@2.3.1 vulnerabilities

Ray provides a simple, universal API for building distributed applications.

Direct Vulnerabilities

Known vulnerabilities in the ray package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Race Condition

ray is an A system for parallel and distributed Python that unifies the ML ecosystem.

Affected versions of this package are vulnerable to Race Condition during the creation of actors in multi-threaded environments.

How to fix Race Condition?

Upgrade ray to version 2.11.0 or higher.

[,2.11.0)
  • C
Arbitrary Command Injection

ray is an A system for parallel and distributed Python that unifies the ML ecosystem.

Affected versions of this package are vulnerable to Arbitrary Command Injection through the /log_proxy function. An attacker can inject arbitrary commands by submitting raw HTTP requests or via the Jobs SDK, with no authentication by default.

NOTE: The maintainers' position is that running jobs remotely is the intended behavior of the package and therefore it should not be considered vulnerable.

How to fix Arbitrary Command Injection?

Upgrade ray to version 2.8.1 or higher.

[,2.8.1)
  • C
Server-side Request Forgery (SSRF)

ray is an A system for parallel and distributed Python that unifies the ML ecosystem.

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) through the dashboard API, via the url parameter of the /log_proxy API endpoint. An attacker can retrieve the highly privileged IAM credentials required by Ray from the AWS metadata API, due to insufficient input validation within the affected parameter.

Notes:

The maintainer's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment.

The maintainers have made a verification tool available to check a deployment for vulnerability to this issue: https://github.com/ray-project/ray-open-ports-checker

How to fix Server-side Request Forgery (SSRF)?

Upgrade ray to version 2.8.1 or higher.

[,2.8.1)
  • C
Directory Traversal

ray is an A system for parallel and distributed Python that unifies the ML ecosystem.

Affected versions of this package are vulnerable to Directory Traversal via the log API endpoint. This issue allows attackers to remotely read any file on the system depending on the permissions of the user that started the Dashboard.

How to fix Directory Traversal?

Upgrade ray to version 2.8.1 or higher.

[,2.8.1)
  • C
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

ray is an A system for parallel and distributed Python that unifies the ML ecosystem.

Affected versions of this package are vulnerable to Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') via the format parameter. An attacker can execute OS commands on the system running the dashboard remotely without authentication.

How to fix Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')?

Upgrade ray to version 2.8.0 or higher.

[,2.8.0)
  • C
Use of GET Request Method With Sensitive Query Strings

ray is an A system for parallel and distributed Python that unifies the ML ecosystem.

Affected versions of this package are vulnerable to Use of GET Request Method With Sensitive Query Strings via the optional_utils.py file. Remote attackers can make an unauthenticated API call and read any file on the system, such as SSH keys.

How to fix Use of GET Request Method With Sensitive Query Strings?

Upgrade ray to version 2.8.0 or higher.

[,2.8.0)