Unrated severityNVD Advisory· Published Aug 23, 2021· Updated Aug 4, 2024
Dependency injection in NVCaffe
CVE-2021-39158
Description
NVCaffe's python required dependencies list used to contain gfortranversion prior to 0.17.4, entry which does not exist in the repository pypi.org. An attacker could potentially have posted malicious files to pypi.org causing a user to install it within NVCaffe.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- NVIDIA/caffev5Range: <= 0.17.4
Patches
Vulnerability mechanics
References
1- github.com/NVIDIA/caffe/security/advisories/GHSA-fmpp-8pwg-vwh9mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.