Browse all 19 CVE security advisories affecting vantage6. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Vantage6 is a federated learning platform enabling collaborative data analysis without centralizing sensitive information. Historically, it has faced vulnerabilities across multiple classes, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation, with 19 CVEs documented. The platform's distributed architecture introduces unique attack surfaces, particularly in node communication and authentication mechanisms. While no major public security incidents have been widely reported, the consistent presence of diverse CVEs suggests ongoing challenges in securing its complex distributed environment. The platform's security posture appears to prioritize functionality over robustness, with vulnerabilities spanning input validation, access control, and secure communication flaws.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-24562 | Security headers not set in vantage6-UI — vantage6-UICWE-693 | 5.4 | Medium | 2024-03-14 |
| CVE-2024-22200 | vantage6-UI docker image leaks software version information — vantage6-UICWE-200 | 3.3 | Low | 2024-01-30 |
This page lists every published CVE security advisory associated with vantage6. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.