Security problem while trying to deploy Ray Serve in pre-PROD

While trying to deploy Ray serve in pre-PROD environment, we receive alert that “Using directory traversal techniques, a malicious user can access known files outside of the Web root. This is made possible through the use of”. Any clue to fix this?

Can you post the full alert?

The rest are " This is made possible through the use of “…/”, “…”, “…/”, “…/”, or “…/”, etc., sequences in an HTTP request."

The idea is the “directory traversal attack” security issue was detect in RayServe. Any clue?

Hi I think Serve doesn’t have any of these. It might be the use of Ray dashboard. Can you try disable the dashboard via ray.init(include_dashboard=False) or ray start --include-dasbhoard=false?