{"id":"CVE-2023-41881","summary":"Deleting a collaboration should also delete linked resources","details":"vantage6 is privacy preserving federated learning infrastructure. When a collaboration is deleted, the linked resources (such as tasks from that collaboration) should be deleted. This is partly to manage data properly, but also to prevent a potential (but unlikely) side-effect that affects versions prior to 4.0.0, where if a collaboration with id=10 is deleted, and subsequently a new collaboration is created with id=10, the authenticated users in that collaboration could potentially see results of the deleted collaboration in some cases. Version 4.0.0 contains a patch for this issue. There are no known workarounds.","aliases":["GHSA-rf54-7qrr-96j6","PYSEC-2023-200"],"modified":"2026-04-10T05:01:22.118035Z","published":"2023-10-11T19:30:43.808Z","database_specific":{"cna_assigner":"GitHub_M","cwe_ids":["CWE-200","CWE-708"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/41xxx/CVE-2023-41881.json"},"references":[{"type":"WEB","url":"https://github.com/vantage6/vantage6/blob/0682c4288f43fee5bcc72dc448cdd99bd7e57f76/docs/release_notes.rst#400"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/41xxx/CVE-2023-41881.json"},{"type":"ADVISORY","url":"https://github.com/vantage6/vantage6/security/advisories/GHSA-rf54-7qrr-96j6"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-41881"},{"type":"FIX","url":"https://github.com/vantage6/vantage6/pull/748"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/vantage6/vantage6","events":[{"introduced":"0"},{"fixed":"7948b4b29f203df3b87f2f2a65bb44ee3e58433b"}]}],"versions":["version/0.0.0b3","version/3.3.0","version/3.3.0rc1","version/3.3.0rc2","version/3.3.0rc3","version/3.3.0rc4","version/3.3.1","version/3.3.2","version/3.3.3","version/3.3.4","version/3.3.5","version/3.3.6","version/4.0.0a1","version/4.0.0a10","version/4.0.0a2","version/4.0.0a3","version/4.0.0a4","version/4.0.0a5","version/4.0.0a6","version/4.0.0a7","version/4.0.0a8","version/4.0.0a9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41881.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N"}]}