Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CORS Vulnerability in feast-dev/feast
Vulnerability Description
A Cross-Origin Resource Sharing (CORS) vulnerability exists in feast-dev/feast version 0.40.0. The CORS configuration on the agentscope server does not properly restrict access to only trusted origins, allowing any external domain to make requests to the API. This can bypass intended security controls and potentially expose sensitive information.
CVSS Information
N/A
Vulnerability Type
源验证错误
Vulnerability Title
feast 访问控制错误漏洞
Vulnerability Description
feast是Feast开源的一个 AI/ML 开源功能库。 feast 0.40.0版本存在访问控制错误漏洞,该漏洞源于CORS配置不当,可能导致敏感信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A