GHSA-wxpc-2674-rxvw
Suggest an improvement- Source
- https://github.com/advisories/GHSA-wxpc-2674-rxvw
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/03/GHSA-wxpc-2674-rxvw/GHSA-wxpc-2674-rxvw.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-wxpc-2674-rxvw
- Aliases
-
- CVE-2024-11602
- Published
- 2025-03-20T12:32:42Z
- Modified
- 2025-03-21T17:34:41.623581Z
- Severity
-
- 7.4 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVSS Calculator
- Summary
- Feast Cross-Origin Resource Sharing vulnerability
- Details
-
A Cross-Origin Resource Sharing (CORS) vulnerability exists in feast-dev/feast version 0.40.0. The CORS configuration on the agentscope server does not properly restrict access to only trusted origins, allowing any external domain to make requests to the API. This can bypass intended security controls and potentially expose sensitive information.
- Database specific
{ "nvd_published_at": "2025-03-20T10:15:25Z", "cwe_ids": [ "CWE-346" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2025-03-21T16:59:37Z" }- References
Affected packages
PyPI / feast
Package
- Name
- feast
- View open source insights on deps.dev
- Purl
- pkg:pypi/feast
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedLast affected0.40.0
Affected versions
0.*
0.1.0
0.1.0.post0
0.1.2
0.1.2.post0
0.1.2.post1
0.3.0
0.3.2
0.3.3
0.3.3.post0
0.3.4
0.3.5
0.3.6
0.3.7
0.4.0
0.4.1
0.4.1.post0
0.4.2
0.4.3
0.4.4
0.4.5
0.4.6
0.4.7
0.5.0rc0
0.5.0
0.5.0.post0
0.5.1
0.6.0
0.6.1
0.6.2
0.7.0rc1
0.7.0rc2
0.7.0rc3
0.7.0
0.7.1
0.7.2
0.8.0rc3
0.8.0
0.8.1
0.8.2
0.8.3
0.8.4
0.9.0rc1
0.9.0rc2
0.9.0
0.9.1
0.9.2
0.9.3
0.9.4
0.9.5
0.9.5.1
0.9.5.2
0.9.6
0.9.7
0.9.8
0.9.9
0.10.0
0.10.1rc1
0.10.1rc3
0.10.1
0.10.2
0.10.3
0.10.4
0.10.5
0.10.6
0.10.7
0.10.8
0.11.0
0.12.0
0.12.1
0.13.0
0.14.0
0.14.1
0.15.0
0.15.1
0.16.0
0.16.1
0.17.0
0.18.0
0.18.1
0.19.0
0.19.1
0.19.2
0.19.3
0.19.4
0.20.0
0.20.1
0.20.2
0.21.0
0.21.1
0.21.2
0.21.3
0.22.0
0.22.1
0.22.2
0.22.3
0.22.4
0.23.0
0.23.1
0.23.2
0.24.0
0.24.1
0.25.0
0.25.1
0.25.2
0.26.0
0.27.0
0.27.1
0.28.0
0.29.0
0.30.2
0.31.0
0.31.1
0.33.1
0.34.0
0.34.1
0.35.0
0.36.0
0.37.1
0.38.0
0.39.0
0.39.1
0.40.0