mxnet@0.12.0 vulnerabilities

Apache MXNet is an ultra-scalable deep learning framework. This version uses openblas and MKLDNN.

Direct Vulnerabilities

Known vulnerabilities in the mxnet package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Regular Expression Denial of Service (ReDoS)

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). Exploiting this vulnerability is possible by loading a model in Apache MXNet that has a specially crafted operator name.

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade mxnet to version 1.9.1 or higher.

[,1.9.1)
  • H
Man-in-the-Middle (MitM)

mxnet MXNet is an scalable deep learning framework.

Affected versions of this package are vulnerable to Man-in-the-Middle (MitM). Mxnet listens on all available interfaces when running training in distributed mode.

How to fix Man-in-the-Middle (MitM)?

Upgrade mxnet to version 1.0.0 or higher.

[,1.0.0)