VYPR
Vendor

Rasahq

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2024-49375CriJan 14, 2025
    risk 0.52cvss 9.0epss 0.01

    Open source machine learning framework. A vulnerability has been identified in Rasa that enables an attacker who has the ability to load a maliciously crafted model remotely into a Rasa instance to achieve Remote Code Execution. The prerequisites for this are: 1. The HTTP API…

  • CVE-2021-42556Oct 22, 2021
    risk 0.00cvss epss 0.01

    Rasa X before 0.42.4 allows Directory Traversal during archive extraction. In the functionality that allows a user to load a trained model archive, an attacker has arbitrary write capability within specific directories via a crafted archive file.

  • CVE-2021-41127Oct 21, 2021
    risk 0.00cvss epss 0.01

    Rasa is an open source machine learning framework to automate text-and voice-based conversations. In affected versions a vulnerability exists in the functionality that loads a trained model `tar.gz` file which allows a malicious actor to craft a `model.tar.gz` file which can…