CVE-2024-0129: NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. A successful…

high7.8CVSS 3.1

AVLACLPRLUINSUCHIHAH

NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. A successful exploit of this vulnerability may lead to code execution and data tampering.

Affected

2 ranges

Vendor	Product	Version range	Fixed in
nvidia	nemo	<= r2.0.0rc0	—
nvidia	nemo	—	—