Vulnerabilities > RAY Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-16	CVE-2023-6020	Missing Authorization vulnerability in RAY Project RAY LFI in Ray's /static/ directory allows attackers to read any file on the server without authentication. network low complexity ray-project CWE-862	7.5
2023-11-16	CVE-2023-6019	OS Command Injection vulnerability in RAY Project RAY A command injection existed in Ray's cpu_profile URL parameter allowing attackers to execute os commands on the system running the ray dashboard remotely without authentication. network low complexity ray-project CWE-78 critical	9.8
2023-11-16	CVE-2023-6021	Path Traversal vulnerability in RAY Project RAY LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication. network low complexity ray-project CWE-22	7.5

Vulnerabilities > RAY Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"RAY Project"}]}