{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49255?format=json","vulnerability_id":"VCID-c8b7-h6ah-v7au","summary":"Ray is vulnerable to Critical RCE via Safari & Firefox Browsers through DNS Rebinding Attack\nDevelopers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari.\n\nThe longstanding [decision](https://docs.ray.io/en/releases-2.51.1/ray-security/index.html) by the Ray Development team not to implement any sort of authentication on critical endpoints, like `/api/jobs` & `/api/job_agent/jobs/`, has once again led to a severe vulnerability that allows attackers to execute arbitrary code against Ray, this time in a development context via the browsers Firefox and Safari.\n\nThis vulnerability is due to an insufficient guard against browser-based attacks: the current defense relies on the `User-Agent` header starting with the string \"Mozilla\". This defense is insufficient because the fetch specification allows the `User-Agent` header to be modified.\n\nCombined with a DNS rebinding attack against the browser, this vulnerability is exploitable against a developer running Ray who inadvertently visits a malicious website or is served a malicious advertisement ([malvertising](https://en.wikipedia.org/wiki/Malvertising)).","aliases":[{"alias":"CVE-2025-62593"},{"alias":"GHSA-q279-jhrf-cc6v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/72632?format=json","purl":"pkg:pypi/ray@2.52.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kd8z-ysxx-d3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ray@2.52.0"}],"affected_packages":[],"references":[{"reference_url":"https://docs.ray.io/en/releases-2.51.1/ray-security/index.html","reference_id":"","reference_type":"","scores":[],"url":"https://docs.ray.io/en/releases-2.51.1/ray-security/index.html"},{"reference_url":"https://en.wikipedia.org/wiki/Malvertising","reference_id":"","reference_type":"","scores":[],"url":"https://en.wikipedia.org/wiki/Malvertising"},{"reference_url":"https://github.com/nccgroup/singularity/pull/68","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/nccgroup/singularity/pull/68"},{"reference_url":"https://github.com/ray-project/ray","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ray-project/ray"},{"reference_url":"https://github.com/ray-project/ray/blob/e7889ae542bf0188610bc8b06d274cbf53790cbd/python/ray/dashboard/http_server_head.py#L184-L196","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ray-project/ray/blob/e7889ae542bf0188610bc8b06d274cbf53790cbd/python/ray/dashboard/http_server_head.py#L184-L196"},{"reference_url":"https://github.com/ray-project/ray/blob/f39a860436dca3ed5b9dfae84bd867ac10c84dc6/python/ray/dashboard/optional_utils.py#L129-L155","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ray-project/ray/blob/f39a860436dca3ed5b9dfae84bd867ac10c84dc6/python/ray/dashboard/optional_utils.py#L129-L155"},{"reference_url":"https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62593","reference_id":"CVE-2025-62593","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62593"},{"reference_url":"https://github.com/advisories/GHSA-q279-jhrf-cc6v","reference_id":"GHSA-q279-jhrf-cc6v","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-q279-jhrf-cc6v"},{"reference_url":"https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v","reference_id":"GHSA-q279-jhrf-cc6v","reference_type":"","scores":[],"url":"https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v"}],"weaknesses":[{"cwe_id":352,"name":"Cross-Site Request Forgery (CSRF)","description":"The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request."},{"cwe_id":94,"name":"Improper Control of Generation of Code ('Code Injection')","description":"The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c8b7-h6ah-v7au"}