PyPI package
rasa-pro
pkg:pypi/rasa-pro
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-32377 | Med | 6.5 | >= 3.12.0, < 3.12.6 | 3.12.6 | Apr 18, 2025 | Rasa Pro is a framework for building scalable, dynamic conversational AI assistants that integrate large language models (LLMs). A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement authentication even when a token is config | |
| CVE-2024-49375 | Cri | 9.0 | >= 3.10.0, < 3.10.12 | 3.10.12 | Jan 14, 2025 | Open source machine learning framework. A vulnerability has been identified in Rasa that enables an attacker who has the ability to load a maliciously crafted model remotely into a Rasa instance to achieve Remote Code Execution. The prerequisites for this are: 1. The HTTP API mus |
- affected >= 3.12.0, < 3.12.6fixed 3.12.6
Rasa Pro is a framework for building scalable, dynamic conversational AI assistants that integrate large language models (LLMs). A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement authentication even when a token is config
- affected >= 3.10.0, < 3.10.12fixed 3.10.12
Open source machine learning framework. A vulnerability has been identified in Rasa that enables an attacker who has the ability to load a maliciously crafted model remotely into a Rasa instance to achieve Remote Code Execution. The prerequisites for this are: 1. The HTTP API mus