CVE-2024-11602

NONE EPSS 20.0%
Published Mar 20, 20251y ago · Modified Jun 17, 20261w ago
Find Similar
Published Mar 20, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

A Cross-Origin Resource Sharing (CORS) vulnerability exists in feast-dev/feast version 0.40.0. The CORS configuration on the agentscope server does not properly restrict access to only trusted origins, allowing any external domain to make requests to the API. This can bypass intended security controls and potentially expose sensitive information.

Threat Intelligence

EPSS Exploit Probability
20.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-346

References 1

  • huntr.com https://huntr.com/bounties/7b24ecbe-0af7-4125-ab56-bce09786042e

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.