nvidia-pytriton@0.4.1 vulnerabilities

nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments.

Affected versions of this package are vulnerable to Command Injection via StubLauncher::StubLauncher in the Python backend. An attacker could cause a remote code execution by manipulating the model name parameter in the model control APIs.

Note: This vulnerability is only exploitable when using the default bundled Python backend /pytriton/tritonserver/backends/python/libtriton_python.so.

There is no fixed version for nvidia-pytriton.

nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments.

Affected versions of this package are vulnerable to Double Free via the cancellation handling for gRPC non-decoupled inference. An attacker can cause a double free by sending multiple requests, causing a stream to be cancelled before it is processed. A successful exploit of this vulnerability might result in a denial of service.

Note: This vulnerability is only exploitable when using the default bundled Triton Server binary /pytriton/tritonserver/bin/tritonserver.

There is no fixed version for nvidia-pytriton.

nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments.

Affected versions of this package are vulnerable to Out-of-bounds Write via the HTTP and Sagemaker request handler. An attacker could cause an out-of-bounds write through by sending an HTTP request with chunked transfer encoding containing a large number of chunks. A successful exploit of this vulnerability might lead to denial of service.

This vulnerability is only exploitable when using the default Triton Server binary bundled in /pytriton/tritonserver/bin/tritonserver.

It is possible to update the Triton Server binary to a patched version independently of PyTriton; See Building binaries from source.

There is no fixed version for nvidia-pytriton.

nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments.

Affected versions of this package are vulnerable to Incorrect Initialization of Resource via CUDA SHM region registration. An attacker can cause a network issue, leading to information disclosure via detailed error information.

Note: This vulnerability is only applicable when deployed on Linux systems

This vulnerability is only exploitable when using the default bundled Triton Server /pytriton/tritonserver/bin/tritonserver.

Upgrade nvidia-pytriton to version 0.5.8 or higher.

nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments.

Affected versions of this package are vulnerable to Integer Overflow or Wraparound via element count handling. An attacker could cause a denial of service and data tampering through specially crafted inputs containing overly large or negative values.

This vulnerability is only exploitable when using the default bundled Triton Server binary /pytriton/tritonserver/bin/tritonserver.

There is no fixed version for nvidia-pytriton.

nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments.

Affected versions of this package are vulnerable to Out-of-bounds Read via the MemoryShm::byte_size in the embedded Python backend. An attacker can cause an information disclosure by overwriting MemoryShm::byte_size data with a very large value. Successful exploitation of this vulnerability will cause the identity model to read a large chunk of sensitive data (e.g., glibc.so) as an input tensor, copy it to the output tensor, and send it back to the client.

Note: This vulnerability is only exploitable when using the default bundled Python backend /pytriton/tritonserver/backends/python/libtriton_python.so.

There is no fixed version for nvidia-pytriton.

nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments.

Affected versions of this package are vulnerable to Uncontrolled Recursion via the ReadDataFromJsonHelper() and JsonBytesArrayByteSize() functions. An attacker can cause a denial of service through specially crafted inputs containing nested JSON structures.

This vulnerability is only exploitable when using the default bundled Triton Server binary /pytriton/tritonserver/bin/tritonserver.

There is no fixed version for nvidia-pytriton.

nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments.

Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the memory allocation security in HTTP and Sagemaker request handler. An attacker could cause a stack buffer overflow by using specially crafted inputs. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, and data tampering.

Note: This vulnerability is only exploitable when using the default bundled Triton Server /pytriton/tritonserver/bin/tritonserver.

There is no fixed version for nvidia-pytriton.

nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments.

Affected versions of this package are vulnerable to Buffer Access with Incorrect Length Value via the MessageQueueShm class in the bundled Python backend. An attacker could cause an out-of-bounds write by sending a specially crafted request, leading to information disclosure, denial of service, or remote code execution, through corruption of existing data structures within the backend's shared memory.

Note: This vulnerability is only exploitable when using the default bundled Python backend /pytriton/tritonserver/backends/python/libtriton_python.so.

A fix was pushed into the master branch but not yet published.

nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments.

Affected versions of this package are vulnerable to Improper Output Neutralization for Logs via the logging extension. An attacker can inject forged logs and executable commands by injecting arbitrary data as a new log entry. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

This vulnerability is only exploitable when using the default Triton Server binary bundled in /pytriton/tritonserver/bin/tritonserver.

It is possible to update the Triton Server binary to a patched version independently of PyTriton; See Building binaries from source.

Upgrade nvidia-pytriton to version 0.5.8 or higher.

nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments.

Affected versions of this package are vulnerable to Buffer Access with Incorrect Length Value via the MessageQueue class in the bundled Python backend. An attacker could cause an out-of-bounds write by sending a specially crafted request, leading to information disclosure, denial of service, or remote code execution, through corruption of existing data structures within the backend's shared memory.

Note: This vulnerability is only exploitable when using the default bundled Python backend /pytriton/tritonserver/backends/python/libtriton_python.so and requires the attacker to obtain the shared memory key of a legitimate user-owned region.

There is no fixed version for nvidia-pytriton.

nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments.

Affected versions of this package are vulnerable to Information Exposure via the SharedMemoryManager::GrowIfNeeded function in the bundled Python backend. An attacker could cause the shared memory limit to be exceeded by sending a large request, leading to information disclosure. The resulting error message improperly includes the unique name of the backend's internal IPC shared memory region.

There is no fixed version for nvidia-pytriton.