Anyscale Ray up to 2.40.0 Script code injection 🚫 [False Positive]

Noticeinfo

⚠️ Further investigation has shown that this issues is a false-positive. Please review the sources mentioned and consider not using this entry at all.

Productinfo

Vendor

• Anyscale

Name

• Ray

Version

• 2.0
• 2.1
• 2.2
• 2.3
• 2.4
• 2.5
• 2.6
• 2.7
• 2.8
• 2.9
• 2.10
• 2.11
• 2.12
• 2.13
• 2.14
• 2.15
• 2.16
• 2.17
• 2.18
• 2.19
• 2.20
• 2.21
• 2.22
• 2.23
• 2.24
• 2.25
• 2.26
• 2.27
• 2.28
• 2.29
• 2.30
• 2.31
• 2.32
• 2.33
• 2.34
• 2.35
• 2.36
• 2.37
• 2.38
• 2.39
• 2.40.0

Timelineinfo

01/09/2025 🔍
02/12/2025 +34 days 🔍
02/12/2025 +0 days 🔍
06/23/2025 +131 days 🔍

Sourcesinfo

Advisory: github.com
False Positive: Yes

CVE: CVE-2024-57000 (🔍)
GCVE (CVE): GCVE-0-2024-57000
GCVE (VulDB): GCVE-100-295450
EUVD: 🔍

Entryinfo

Created: 02/12/2025 08:41
Updated: 06/23/2025 06:18
Changes: 02/12/2025 08:41 (51), 02/12/2025 17:40 (2), 02/15/2025 06:18 (3), 06/23/2025 06:18 (1)
Complete: 🔍
Cache ID: 216::103

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Discussion

Interested in the pricing of exploits?

See the underground prices here!