NVFLARE, versions before 2.1.4, contains a vulnerability that deserialization of Untrusted Data due to Pickle usage may allow an unprivileged network malicious user to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nvidia nvflare |