PyPi: Vantage6

CVE-2024-23823

Safety vulnerability ID: 71946

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Mar 14, 2024 Updated at Dec 13, 2024

Scan your Python projects for vulnerabilities →

Advisory

vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. The vantage6 server has no restrictions on CORS settings. It should be possible for people to set the allowed origins of the server. The impact is limited because v6 does not use session cookies.

Affected package

vantage6

Latest version: 4.8.2

vantage6 command line interface

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

https://github.com/advisories/GHSA-4946-85pr-fvxh
https://github.com/vantage6/vantage6/commit/70bb4e1d889230a841eb364d6c03accd7dd01a41
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23823

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application