Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The clustered setup of Apache MXNet allows users to specify which IP address and port the scheduler will listen on via the DMLC_PS_ROOT_URI and DMLC_PS_ROOT_PORT env variables. In versions older than 1.0.0, however, the MXNet framework will listen on 0.0.0.0 rather than user specified DMLC_PS_ROOT_URI once a scheduler node is initialized. This exposes the instance running MXNet to any attackers reachable via the interface they didn't expect to be listening on. For example: If a user wants to run a clustered setup locally, they may specify to run on 127.0.0.1. But since MXNet will listen on 0.0.0.0, it makes the port accessible on all network interfaces.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache MXNet 信息泄露漏洞
Vulnerability Description
Apache MXNet是美国阿帕奇(Apache)软件基金会的一套可扩展的深度学习框架。 Apache MXNet 1.0.0之前版本中存在信息泄露漏洞。攻击者可利用该漏洞将运行有MXNet的实例暴露给攻击者。
CVSS Information
N/A
Vulnerability Type
N/A