rasa-pro

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting rasa-propage 1 of 1

CVE-2024-49375CRITICALCVSS 9.0EG 9.0✓ Fixed in 3.8.18
2025-01-14
vulnerable: 0.0.1, 0.0.1.post1, 3.8.16, 3.8.17
Open source machine learning framework. A vulnerability has been identified in Rasa that enables an attacker who has the ability to load a maliciously crafted model remotely into a Rasa instance to achieve Remote Code Execution. The prereq…
CVE-2025-32377MEDIUMCVSS 6.5EG 6.5✓ Fixed in 3.9.20
2025-04-18
vulnerable: 0.0.1 ... 3.9.19 (11 versions)
Rasa Pro is a framework for building scalable, dynamic conversational AI assistants that integrate large language models (LLMs). A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement a…

Check whether rasa-pro is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for rasa-pro CVEs against the assets you own.

Start Free Scan →