Vulnerabilities > Nvidia > Nvflare
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-01 | CVE-2022-31604 | Deserialization of Untrusted Data vulnerability in Nvidia Nvflare NVFLARE, versions prior to 2.1.2, contains a vulnerability in its PKI implementation module, where The CA credentials are transported via pickle and no safe deserialization. | 7.5 |
2022-07-01 | CVE-2022-31605 | Deserialization of Untrusted Data vulnerability in Nvidia Nvflare NVFLARE, versions prior to 2.1.2, contains a vulnerability in its utils module, where YAML files are loaded via yaml.load() instead of yaml.safe_load(). | 7.5 |