CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-39158

NVCaffe's python required dependencies list used to contain `gfortran`version prior to 0.17.4, entry which does not exist in the repository pypi.org. An attacker could potentially have posted malicious files to pypi.org causing a user to install it within NVCaffe.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.1%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://github.com/NVIDIA/caffe/security/advisories/GHSA-fmpp-8pwg-vwh9
https://github.com/NVIDIA/caffe/security/advisories/GHSA-fmpp-8pwg-vwh9

Products affected by CVE-2021-39158

Nvidia » Nvcaffe » Version: Any

cpe:2.3:a:nvidia:nvcaffe:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-39158

Products

Pricing

Contact Us