dirac

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting diracpage 1 of 1

CVE-2024-24825CRITICALCVSS 9.1EG 9.1✓ Fixed in 8.0.37
2024-02-09
vulnerable: 7.2.0 ... 8.0.9 (180 versions)
DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended parties. This issue has been addressed in release version 8.0…
CVE-2024-29905HIGHCVSS 8.1EG 8.1✓ Fixed in 8.0.41
2024-04-09
vulnerable: 7.2.0 ... 8.0.9 (184 versions)
DIRAC is an interware, meaning a software framework for distributed computing. Prior to version 8.0.41, during the proxy generation process (e.g., when using `dirac-proxy-init`), it is possible for unauthorized users on the same machine to…

Check whether dirac is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for dirac CVEs against the assets you own.

Start Free Scan →