cve/CVE-2023-48022.md at 694ac234a19db48cd3b1f78eb5f461ab1f6c99f7

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 9dd9a4d134 Update CVE sources 2024-08-07 19:02

2024-08-07 19:02:05 +00:00

Description

** DISPUTED ** Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment

POC

Reference

https://www.vicarius.io/vsociety/posts/shadowray-cve-2023-48022-exploit

Github

https://github.com/0x656565/CVE-2023-48022
https://github.com/google/tsunami-security-scanner-plugins
https://github.com/jakabakos/ShadowRay-RCE-PoC-CVE-2023-48022
https://github.com/nomi-sec/PoC-in-GitHub

979 B Raw Blame History

CVE-2023-48022

Description

POC

Reference

Github

979 B

Raw Blame History