Security Deep Dive
ray
Security posture and CVE patch evidence from tracked releases.
13 critical dependency CVEs affect ray-2.55.1.
Audit transitive dependencies; consider upgrading or pinning replacements.
Trust Signals — 4 of 9 Present
Evidence already collected from releases and repository metadata.
Security Score
A composite score aggregating Scorecard performance, CVE patch history, OpenSSF badge tier, and dependency vulnerability exposure. Score ≥ 7.0 is healthy; < 4.0 warrants attention.
| Component | Points | Note |
|---|---|---|
| EPSS | 0.25 / 0.5 | No EPSS data |
| Freshness | 1.00 / 1.0 | 5d stale |
| Scorecard | 2.28 / 4.0 | Score 5.7/10 |
| CVE health | 0.00 / 2.5 | Open CVEs detected |
| Patch speed | 0.50 / 0.5 | ⚠ Estimated — no CVE patch history |
| KEV exposure | 1.50 / 1.5 | No KEV exposure |
| Supply chain risk | -1.50 / 10.0 | Risk 100.0/100 |
Score breakdown (schema v2)
| Dimension | Score | Weight |
|---|---|---|
| Vulnerability posture | 0.0 | 25% |
| Release responsiveness | 10.0 | 5% |
| Dependency exposure | 0.0 | 10% |
| Provenance trust | 5.7 | 40% |
| Maintainer health | 10.0 | 10% |
| Operational risk | 8.5 | 10% |
How is this calculated?
The six dimensions group the legacy score signals into weighted categories: direct vulnerability status, patch responsiveness, dependency exposure, provenance checks, maintainer activity, and exploitability risk. The flat component values above remain available for compatibility.
Supply Chain Risk
Risk 100.0/100
Scorecard
Scorecard 5.7/10
OpenSSF Scorecard evaluates supply-chain security practices automatically. Score ≥ 6 is passing; ≥ 8 is excellent.
| Check | Score | Reason |
|---|---|---|
| Packaging | -1 | packaging workflow not detected |
| Security-Policy | 3 | security policy file detected |
| Code-Review | 9 | Found 29/30 approved changesets -- score normalized to 9 |
| Maintained | 10 | 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 |
| Dangerous-Workflow | 10 | no dangerous workflow patterns detected |
| Token-Permissions | 0 | detected GitHub workflow tokens with excessive permissions |
| CII-Best-Practices | 5 | badge detected: Passing |
| License | 10 | license file detected |
| Signed-Releases | -1 | no releases found |
| Binary-Artifacts | 8 | binaries present in source code |
| Fuzzing | 0 | project is not fuzzed |
| SAST | 0 | SAST tool is not run on all commits -- score normalized to 0 |
| Branch-Protection | 8 | branch protection is not maximal on development and all release branches |
| Pinned-Dependencies | 0 | dependency not pinned by hash detected -- score normalized to 0 |
Dependency Vulnerabilities
Scanning the SBOM (Software Bill of Materials) of the latest release for known vulnerabilities in transitive dependencies.
| Severity | Count |
|---|---|
| Critical | 13 |
| High | 128 |
| Medium | 0 |
| Low | 0 |
| Unknown | 0 |
| CVE | Severity | KEV | Dependency | Affected version | Cleared in release |
|---|---|---|---|---|---|
| CVE-2023-39631 | critical | — | numexpr | 2.8.4 | — |
| CVE-2023-6572 | critical | — | gradio | 3.50.2 | — |
| CVE-2024-1728 | critical | — | gradio | 3.50.2 | — |
| CVE-2024-2195 | critical | — | aim | 3.23.0 | — |
| CVE-2024-8019 | critical | — | pytorch-lightning | 1.8.6 | — |
| CVE-2024-8769 | critical | — | aim | 3.23.0 | — |
| CVE-2025-14009 | critical | — | nltk | 3.8.1 | — |
| CVE-2025-15036 | critical | — | mlflow | 3.1.4 | — |
| CVE-2025-15379 | critical | — | mlflow | 3.1.4 | — |
| CVE-2025-23042 | critical | — | gradio | 3.50.2 | — |
| CVE-2025-7783 | critical | — | form-data | 3.0.1 | — |
| CVE-2026-0545 | critical | — | mlflow | 3.1.4 | — |
| CVE-2026-2635 | critical | — | mlflow | 3.1.4 | — |
| CVE-2021-3803 | high | — | nth-check | 1.0.2 | — |
| CVE-2022-25881 | high | — | http-cache-semantics | 4.1.0 | — |
| CVE-2022-25883 | high | — | semver | 6.3.0 | — |
| CVE-2023-30861 | high | — | flask | 2.1.3 | — |
| CVE-2023-51449 | high | — | gradio | 3.50.2 | — |
| CVE-2024-0964 | high | — | gradio | 3.50.2 | — |
| CVE-2024-10110 | high | — | aim | 3.23.0 | — |
| CVE-2024-1135 | high | — | gunicorn | 20.1.0 | — |
| CVE-2024-11392 | high | — | transformers | 4.36.2 | — |
| CVE-2024-11393 | high | — | transformers | 4.36.2 | — |
| CVE-2024-11394 | high | — | transformers | 4.36.2 | — |
| CVE-2024-12778 | high | — | aim | 3.23.0 | — |
| CVE-2024-1561 | high | — | gradio | 3.50.2 | — |
| CVE-2024-21536 | high | — | http-proxy-middleware | 2.0.6 | — |
| CVE-2024-21538 | high | — | cross-spawn | 7.0.3 | — |
| CVE-2024-2206 | high | — | gradio | 3.50.2 | — |
| CVE-2024-24762 | high | — | python-multipart | 0.0.6 | — |
| CVE-2024-29415 | high | — | ip | 2.0.0 | — |
| CVE-2024-34069 | high | — | werkzeug | 2.3.8 | — |
| CVE-2024-34510 | high | — | gradio | 3.50.2 | — |
| CVE-2024-35178 | high | — | jupyter-server | 2.10.0 | — |
| CVE-2024-35515 | high | — | sqlitedict | 2.1.0 | — |
| CVE-2024-37059 | high | — | mlflow | 3.1.4 | — |
| CVE-2024-37890 | high | — | ws | 7.5.9 | — |
| CVE-2024-39705 | high | — | nltk | 3.8.1 | — |
| CVE-2024-4068 | high | — | braces | 3.0.2 | — |
| CVE-2024-4325 | high | — | gradio | 3.50.2 | — |
| CVE-2024-45296 | high | — | path-to-regexp | 0.1.7 | — |
| CVE-2024-45590 | high | — | body-parser | 1.20.2 | — |
| CVE-2024-47068 | high | — | rollup | 2.79.1 | — |
| CVE-2024-47084 | high | — | gradio | 3.50.2 | — |
| CVE-2024-47867 | high | — | gradio | 3.50.2 | — |
| CVE-2024-47870 | high | — | gradio | 3.50.2 | — |
| CVE-2024-47871 | high | — | gradio | 3.50.2 | — |
| CVE-2024-4941 | high | — | gradio | 3.50.2 | — |
| CVE-2024-5187 | high | — | onnx | 1.16.0 | — |
| CVE-2024-52798 | high | — | path-to-regexp | 0.1.7 | — |
| CVE-2024-53981 | high | — | python-multipart | 0.0.6 | — |
| CVE-2024-6221 | high | — | flask-cors | 4.0.0 | — |
| CVE-2024-6827 | high | — | gunicorn | 20.1.0 | — |
| CVE-2024-7776 | high | — | onnx | 1.16.0 | — |
| CVE-2024-8020 | high | — | pytorch-lightning | 1.8.6 | — |
| CVE-2024-8061 | high | — | aim | 3.23.0 | — |
| CVE-2024-8966 | high | — | gradio | 3.50.2 | — |
| CVE-2025-0189 | high | — | aim | 3.23.0 | — |
| CVE-2025-0190 | high | — | aim | 3.23.0 | — |
| CVE-2025-10279 | high | — | mlflow | 3.1.4 | — |
| CVE-2025-12060 | high | — | keras | 2.15.0 | — |
| CVE-2025-12816 | high | — | node-forge | 1.3.1 | — |
| CVE-2025-14279 | high | — | mlflow | 3.1.4 | — |
| CVE-2025-14287 | high | — | mlflow | 3.1.4 | — |
| CVE-2025-15031 | high | — | mlflow | 3.1.4 | — |
| CVE-2025-15381 | high | — | mlflow | 3.1.4 | — |
| CVE-2025-27152 | high | — | axios | 0.21.4 | — |
| CVE-2025-30167 | high | — | jupyter-core | 5.5.0 | — |
| CVE-2025-53000 | high | — | nbconvert | 6.5.4 | — |
| CVE-2025-57809 | high | — | xgrammar | 0.1.19 | — |
| CVE-2025-6176 | high | — | brotli | 1.1.0 | — |
| CVE-2025-62703 | high | — | fugue | 0.8.7 | — |
| CVE-2025-66031 | high | — | node-forge | 1.3.1 | — |
| CVE-2025-66416 | high | — | mcp | 1.22.0 | — |
| CVE-2025-66418 | high | — | urllib3 | 1.26.19 | — |
| CVE-2025-66471 | high | — | urllib3 | 1.26.19 | — |
| CVE-2025-67221 | high | — | orjson | 3.9.15 | — |
| CVE-2025-9906 | high | — | keras | 2.15.0 | — |
| CVE-2026-0846 | high | — | nltk | 3.8.1 | — |
| CVE-2026-0847 | high | — | nltk | 3.8.1 | — |
| CVE-2026-0994 | high | — | protobuf | 4.25.8 | — |
| CVE-2026-1260 | high | — | sentencepiece | 0.1.96 | — |
| CVE-2026-1462 | high | — | keras | 2.15.0 | — |
| CVE-2026-2033 | high | — | mlflow | 3.1.4 | — |
| CVE-2026-21226 | high | — | azure-core | 1.29.5 | — |
| CVE-2026-21441 | high | — | urllib3 | 1.26.19 | — |
| CVE-2026-22029 | high | — | @remix-run/router | 1.0.3 | — |
| CVE-2026-23745 | high | — | tar | 6.1.11 | — |
| CVE-2026-23949 | high | — | jaraco-context | 5.3.0 | — |
| CVE-2026-23950 | high | — | tar | 6.1.11 | — |
| CVE-2026-24049 | high | — | wheel | 0.45.1 | — |
| CVE-2026-24486 | high | — | python-multipart | 0.0.6 | — |
| CVE-2026-24842 | high | — | tar | 6.1.11 | — |
| CVE-2026-25048 | high | — | xgrammar | 0.1.19 | — |
| CVE-2026-25639 | high | — | axios | 0.21.4 | — |
| CVE-2026-25990 | high | — | pillow | 10.4.0 | — |
| CVE-2026-26007 | high | — | cryptography | 44.0.3 | — |
| CVE-2026-26960 | high | — | tar | 6.1.11 | — |
| CVE-2026-26996 | high | — | minimatch | 5.1.6 | — |
| CVE-2026-27459 | high | — | pyopenssl | 25.0.0 | — |
| CVE-2026-27489 | high | — | onnx | 1.16.0 | — |
| CVE-2026-27606 | high | — | rollup | 2.79.1 | — |
| CVE-2026-27903 | high | — | minimatch | 5.1.6 | — |
| CVE-2026-27904 | high | — | minimatch | 5.1.6 | — |
| CVE-2026-27932 | high | — | joserfc | 1.5.0 | — |
| CVE-2026-28414 | high | — | gradio | 3.50.2 | — |
| CVE-2026-28416 | high | — | gradio | 3.50.2 | — |
| CVE-2026-28500 | high | — | onnx | 1.16.0 | — |
| CVE-2026-29074 | high | — | svgo | 2.8.0 | — |
| CVE-2026-29786 | high | — | tar | 6.1.11 | — |
| CVE-2026-30922 | high | — | pyasn1 | 0.5.1 | — |
| CVE-2026-31802 | high | — | tar | 6.1.11 | — |
| CVE-2026-31958 | high | — | tornado | 6.5.4 | — |
| CVE-2026-32141 | high | — | flatted | 3.2.7 | — |
| CVE-2026-32274 | high | — | black | 22.10.0 | — |
| CVE-2026-32597 | high | — | pyjwt | 2.8.0 | — |
| CVE-2026-32874 | high | — | ujson | 5.10.0 | — |
| CVE-2026-32875 | high | — | ujson | 5.10.0 | — |
| CVE-2026-33079 | high | — | mistune | 3.2.0 | — |
| CVE-2026-33228 | high | — | flatted | 3.2.7 | — |
| CVE-2026-33231 | high | — | nltk | 3.8.1 | — |
| CVE-2026-33236 | high | — | nltk | 3.8.1 | — |
| CVE-2026-33671 | high | — | picomatch | 2.3.1 | — |
| CVE-2026-33891 | high | — | node-forge | 1.3.1 | — |
| CVE-2026-33894 | high | — | node-forge | 1.3.1 | — |
| CVE-2026-33895 | high | — | node-forge | 1.3.1 | — |
| CVE-2026-33896 | high | — | node-forge | 1.3.1 | — |
| CVE-2026-34445 | high | — | onnx | 1.16.0 | — |
| CVE-2026-35397 | high | — | jupyter-server | 2.10.0 | — |
| CVE-2026-35536 | high | — | tornado | 6.5.4 | — |
| CVE-2026-40110 | high | — | jupyter-server | 2.10.0 | — |
| CVE-2026-40171 | high | — | jupyterlab | 4.5.1 | — |
| CVE-2026-40192 | high | — | pillow | 10.4.0 | — |
| CVE-2026-40934 | high | — | jupyter-server | 2.10.0 | — |
| CVE-2026-41066 | high | — | lxml | 6.0.2 | — |
| CVE-2026-42033 | high | — | axios | 0.21.4 | — |
| CVE-2026-42035 | high | — | axios | 0.21.4 | — |
| CVE-2026-42043 | high | — | axios | 0.21.4 | — |
| CVE-2026-42215 | high | — | gitpython | 3.1.44 | — |
| CVE-2026-42266 | high | — | jupyterlab | 4.5.1 | — |
| CVE-2026-42284 | high | — | gitpython | 3.1.44 | — |
Showing 141 of 500