Vulnerability	Vulnerable Version
H Deserialization of Untrusted Data nemo-toolkit is a NeMo - a toolkit for Conversational AI Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to the deserialization of untrusted data. An attacker can execute arbitrary code and tamper with data by providing specially crafted input that is deserialized without proper validation. How to fix Deserialization of Untrusted Data? Upgrade `nemo-toolkit` to version 2.3.2 or higher.	[,2.3.2)
H Directory Traversal nemo-toolkit is a NeMo - a toolkit for Conversational AI Affected versions of this package are vulnerable to Directory Traversal via the model loading process. An attacker can execute arbitrary code and tamper with data by supplying a `.nemo` file containing maliciously crafted metadata. How to fix Directory Traversal? Upgrade `nemo-toolkit` to version 2.3.2 or higher.	[,2.3.2)

Deserialization of Untrusted Data

nemo-toolkit is a NeMo - a toolkit for Conversational AI

Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to the deserialization of untrusted data. An attacker can execute arbitrary code and tamper with data by providing specially crafted input that is deserialized without proper validation.

How to fix Deserialization of Untrusted Data?

Upgrade nemo-toolkit to version 2.3.2 or higher.

[,2.3.2)

Directory Traversal

nemo-toolkit is a NeMo - a toolkit for Conversational AI

Affected versions of this package are vulnerable to Directory Traversal via the model loading process. An attacker can execute arbitrary code and tamper with data by supplying a .nemo file containing maliciously crafted metadata.

How to fix Directory Traversal?

Upgrade nemo-toolkit to version 2.3.2 or higher.

[,2.3.2)

Go back to all versions of this package