{"id":"CVE-2025-62593","summary":"Ray is vulnerable to RCE via Safari & Firefox Browsers through DNS Rebinding Attack","details":"Ray is an AI compute engine. Prior to version 2.52.0, developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. This vulnerability is due to an insufficient guard against browser-based attacks, as the current defense uses the User-Agent header starting with the string \"Mozilla\" as a defense mechanism. This defense is insufficient as the fetch specification allows the User-Agent header to be modified. Combined with a DNS rebinding attack against the browser, this vulnerability is exploitable against a developer running Ray who inadvertently visits a malicious website, or is served a malicious advertisement (malvertising). This issue has been patched in version 2.52.0.","aliases":["GHSA-q279-jhrf-cc6v"],"modified":"2026-04-12T18:40:01.735187Z","published":"2025-11-26T22:28:28.577Z","related":["CGA-9gr6-8jwm-q9c2"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/62xxx/CVE-2025-62593.json","cna_assigner":"GitHub_M","cwe_ids":["CWE-352","CWE-94"]},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/62xxx/CVE-2025-62593.json"},{"type":"ADVISORY","url":"https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62593"},{"type":"FIX","url":"https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ray-project/ray","events":[{"introduced":"0"},{"fixed":"9527a555280fb9837ce73dabf01559c20656a456"}]}],"versions":["ray-0.1.0","ray-0.1.1","ray-0.1.2","ray-0.2.0","ray-0.2.1","ray-0.2.2","ray-0.3.0","ray-0.3.1","ray-0.4.0","ray-0.5.0","ray-0.5.1","ray-0.5.2","ray-0.5.3","ray-0.6.0","ray-0.6.1","r
ay-0.6.2","ray-0.6.3","ray-0.6.4","ray-0.6.5","ray-0.7.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-62593.json","vanir_signatures_modified":"2026-04-12T18:40:01Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"}]}