NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. A successful exploit of this vulnerability may lead to code execution and data tampering.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/5580 |
History
Fri, 08 Nov 2024 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apple
Apple macos Linux Linux linux Kernel Microsoft Microsoft windows Nvidia Nvidia nemo |
|
CPEs | cpe:2.3:a:nvidia:nemo:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Apple
Apple macos Linux Linux linux Kernel Microsoft Microsoft windows Nvidia Nvidia nemo |
Tue, 15 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 15 Oct 2024 05:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. A successful exploit of this vulnerability may lead to code execution and data tampering. | |
Weaknesses | CWE-22 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: nvidia
Published: 2024-10-15T05:39:01.225Z
Updated: 2024-10-15T13:50:24.936Z
Reserved: 2023-12-02T00:42:39.327Z
Link: CVE-2024-0129
Vulnrichment
Updated: 2024-10-15T13:50:21.169Z
NVD
Status : Analyzed
Published: 2024-10-15T06:15:02.520
Modified: 2024-11-08T15:33:26.137
Link: CVE-2024-0129
Redhat
No data.