CVE-2022-22821

CWE-22Path Traversal4 documents4 sources
Severity
4.4MEDIUM
EPSS
0.2%
top 63.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Nvidia Nemo
Timeline
PublishedJan 10
Latest updateJan 11

Description

NVIDIA NeMo before 1.6.0 contains a vulnerability in ASR WebApp, in which ../ Path Traversal may lead to deletion of any directory when admin privileges are available.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:NExploitability: 0.6 | Impact: 1.4

Affected Packages2 packages

NVDnvidia/nemo< 1.6.0
PyPInemo-toolkit< 1.6.0

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

3
GHSA
Path Traversal in nemo-toolkit2022-01-11
OSV
Path Traversal in nemo-toolkit2022-01-11
CVEList
CVE-2022-22821: NVIDIA NeMo before 12022-01-08
CVE-2022-22821 (MEDIUM CVSS 4.4) | NVIDIA NeMo before 1.6.0 contains a | cvebase.io