VYPR

PyPI package

rasa

pkg:pypi/rasa

Vulnerabilities (2)

  • CVE-2024-49375CriJan 14, 2025
    affected < 3.6.21fixed 3.6.21

    Open source machine learning framework. A vulnerability has been identified in Rasa that enables an attacker who has the ability to load a maliciously crafted model remotely into a Rasa instance to achieve Remote Code Execution. The prerequisites for this are: 1. The HTTP API mus

  • CVE-2021-41127Oct 21, 2021
    affected < 2.8.10fixed 2.8.10

    Rasa is an open source machine learning framework to automate text-and voice-based conversations. In affected versions a vulnerability exists in the functionality that loads a trained model `tar.gz` file which allows a malicious actor to craft a `model.tar.gz` file which can over