VYPR

Polyaxon

by Polyaxon

Source repositories

CVEs (3)

  • CVE-2024-9362HigMar 20, 2025
    risk 0.51cvss 7.5epss 0.04

    An unauthenticated directory traversal vulnerability exists in Polyaxon, affecting the latest version. This vulnerability allows an attacker to retrieve directory information and file contents from the server without proper authorization, leading to sensitive information…

  • CVE-2024-9363HigMar 20, 2025
    risk 0.49cvss 7.5epss 0.01

    An unauthorized file deletion vulnerability exists in the latest version of the Polyaxon platform, which can lead to denial of service by terminating critical containers. An attacker can delete important files within the containers, such as `polyaxon.sock`, causing the API…

  • CVE-2024-9365MedMar 20, 2025
    risk 0.42cvss 6.5epss 0.00

    A Cross-Site Request Forgery (CSRF) vulnerability in polyaxon/polyaxon v2.4.0 allows attackers to perform unauthorized actions in the context of the victim's browser. This includes creating projects, model versions, and artifact versions, or changing settings. The impact of this…