GHSA-6wgj-66m2-xxp2
Suggest an improvement- Source
- https://github.com/advisories/GHSA-6wgj-66m2-xxp2
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-6wgj-66m2-xxp2/GHSA-6wgj-66m2-xxp2.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-6wgj-66m2-xxp2
- Aliases
- Published
- 2023-11-28T09:30:26Z
- Modified
- 2025-09-30T18:44:31.112034Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Ray has arbitrary code execution via jobs submission API
- Details
-
Anyscale Ray allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment.
- Database specific
{ "severity": "CRITICAL", "github_reviewed": true, "nvd_published_at": "2023-11-28T08:15:06Z", "github_reviewed_at": "2025-09-30T18:19:55Z", "cwe_ids": [ "CWE-829", "CWE-918" ] }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2023-48022
- https://github.com/ray-project/ray/commit/978947083b1e192dba61ef653c863b11d56b0936
- https://atlas.mitre.org/studies/AML.CS0023
- https://bishopfox.com/blog/ray-versions-2-6-3-2-8-0
- https://console.vulncheck.com/cve/CVE-2023-48022
- https://docs.ray.io/en/latest/ray-security/index.html
- https://github.com/advisories/GHSA-xg2h-7cxj-3gvh
- https://github.com/honysyang/Ray
- https://github.com/ray-project/ray
- https://www.anyscale.com/blog/update-on-ray-cve-2023-48022-new-verification-tooling-available
- https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
- https://www.vicarius.io/vsociety/posts/shadowray-cve-2023-48022-exploit
- https://www.vulncheck.com/blog/initial-access-intelligence-august-2024
Affected packages
PyPI / ray
Package
- Name
- ray
- View open source insights on deps.dev
- Purl
- pkg:pypi/ray
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedLast affected2.49.2
Affected versions
0.*
0.1.1
0.1.2
0.2.0
0.2.1
0.2.2
0.3.0
0.3.1
0.4.0
0.5.0
0.5.2
0.5.3
0.6.0
0.6.1
0.6.2
0.6.3
0.6.4
0.6.5
0.6.6
0.7.0
0.7.1
0.7.2
0.7.3
0.7.4
0.7.5
0.7.6
0.7.7
0.8.0
0.8.1
0.8.2
0.8.3
0.8.4
0.8.5
0.8.6
0.8.7
1.*
1.0.0rc0
1.0.0rc1
1.0.0rc2
1.0.0
1.0.1
1.0.1.post1
1.1.0
1.2.0
1.3.0
1.4.0rc1
1.4.0rc2
1.4.0
1.4.1
1.5.0
1.5.1
1.5.2
1.6.0
1.7.0rc0
1.7.0
1.7.1
1.8.0
1.9.0rc1
1.9.0rc2
1.9.0
1.9.1rc0
1.9.1
1.9.2
1.10.0rc0
1.10.0
1.11.0rc0
1.11.0rc1
1.11.0
1.11.1
1.12.0rc1
1.12.0
1.12.1
1.13.0
2.*
2.0.0rc0
2.0.0rc1
2.0.0
2.0.1
2.1.0
2.2.0
2.3.0rc0
2.3.0
2.3.1
2.4.0
2.5.0
2.5.1
2.6.0
2.6.1
2.6.2
2.6.3
2.7.0rc0
2.7.0
2.7.1
2.7.2
2.8.0
2.8.1
2.9.0
2.9.1
2.9.2
2.9.3
2.10.0
2.11.0
2.12.0
2.20.0
2.21.0
2.22.0
2.23.0
2.24.0
2.30.0
2.31.0
2.32.0rc0
2.32.0
2.33.0
2.34.0
2.35.0
2.36.0
2.36.1
2.37.0
2.38.0
2.39.0
2.40.0
2.41.0
2.42.0
2.42.1
2.43.0
2.44.0
2.44.1
2.45.0
2.46.0
2.47.0
2.47.1
2.48.0
2.49.0
2.49.1
2.49.2