Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files with maliciously crafted metadata. A successful exploit of this vulnerability may lead to remote code execution and data tampering.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
NVIDIA NeMo library 路径遍历漏洞
Vulnerability Description
NVIDIA NeMo library是美国英伟达(NVIDIA)公司的一个深度学习工具库。 NVIDIA NeMo library存在路径遍历漏洞,该漏洞源于模型加载组件可能导致代码注入,可能导致远程代码执行和数据篡改。
CVSS Information
N/A
Vulnerability Type
N/A