CVE-2024-0081

NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr_webapp where an attacker may cause an allocation of resources without limits or throttling. A successful exploit of this vulnerability may lead to a server-side denial of service.

CVSS v3 8.6 HIGH

8.6^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://github.com/NVIDIA/NeMo/security/advisories/GHSA-x392-p65g-4rxx
https://github.com/NVIDIA/NeMo/security/advisories/GHSA-x392-p65g-4rxx

Configurations

No configuration.

History

21 Nov 2024, 08:45

Type	Values Removed	Values Added
References	~~() https://github.com/NVIDIA/NeMo/security/advisories/GHSA-x392-p65g-4rxx -~~	() https://github.com/NVIDIA/NeMo/security/advisories/GHSA-x392-p65g-4rxx -

08 Apr 2024, 18:49

Type	Values Removed	Values Added
Summary		(es) El framework NVIDIA NeMo para Ubuntu contiene una vulnerabilidad en tools/asr_webapp donde un atacante puede provocar una asignación de recursos sin límites ni estrangulaciones. Una explotación exitosa de esta vulnerabilidad puede provocar una denegación de servicio del lado del servidor.

05 Apr 2024, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-05 19:15

Updated : 2024-11-21 08:45

NVD link : CVE-2024-0081

Mitre link : CVE-2024-0081

CVE.ORG link : CVE-2024-0081

JSON object : View

Products Affected

No product.

CWE

CWE-770

Allocation of Resources Without Limits or Throttling

8.6 /10