cbcvebase.
CVE-2024-9365
published 2025-03-20

CVE-2024-9365: A Cross-Site Request Forgery (CSRF) vulnerability in polyaxon/polyaxon v2.4.0 allows attackers to perform unauthorized actions in the context of the victim's…

PriorityP429medium6.5CVSS 3.0
AVNACLPRNUIRSUCNIHAN
EPSS
0.23%
13.7th percentile
A Cross-Site Request Forgery (CSRF) vulnerability in polyaxon/polyaxon v2.4.0 allows attackers to perform unauthorized actions in the context of the victim's browser. This includes creating projects, model versions, and artifact versions, or changing settings. The impact of this vulnerability includes potential data loss and service disruption.

Affected

1 ranges
VendorProductVersion rangeFixed in
polyaxonpolyaxon_polyaxonunspecified – latest
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.