Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Deleting a collaboration should also delete linked resources
Vulnerability Description
vantage6 is privacy preserving federated learning infrastructure. When a collaboration is deleted, the linked resources (such as tasks from that collaboration) should be deleted. This is partly to manage data properly, but also to prevent a potential (but unlikely) side-effect that affects versions prior to 4.0.0, where if a collaboration with id=10 is deleted, and subsequently a new collaboration is created with id=10, the authenticated users in that collaboration could potentially see results of the deleted collaboration in some cases. Version 4.0.0 contains a patch for this issue. There are no known workarounds.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
信息暴露
Vulnerability Title
vantage6 代码问题漏洞
Vulnerability Description
vantage6是vantage6开源的一个用于 Secure Insight eXchange 的开源 priVAcy preserviNg federalTed leArningG 基础架构。 vantage6 3.3.6之前版本存在代码问题漏洞,该漏洞源于删除协作时不删除链接的资源(例如该协作中的任务)。
CVSS Information
N/A
Vulnerability Type
N/A