Описание
Deeplearning4J is a suite of tools for deploying and training deep learning models using the JVM. Packages org.deeplearning4j:dl4j-examples and org.deeplearning4j:platform-tests through version 1.0.0-M2.1 may use some unclaimed S3 buckets in tests in examples. This is likely affect people who use some older NLP examples that reference an old S3 bucket. The problem has been patched. Users should upgrade to snapshots as Deeplearning4J plan to publish a release with the fix at a later date. As a workaround, download a word2vec google news vector from a new source using git lfs from here.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.0 (исключая)
Одно из
cpe:2.3:a:eclipse:deeplearning4j:*:*:*:*:*:*:*:*
cpe:2.3:a:eclipse:deeplearning4j:1.0.0:beta5:*:*:*:*:*:*
cpe:2.3:a:eclipse:deeplearning4j:1.0.0:beta6:*:*:*:*:*:*
cpe:2.3:a:eclipse:deeplearning4j:1.0.0:beta7:*:*:*:*:*:*
cpe:2.3:a:eclipse:deeplearning4j:1.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:eclipse:deeplearning4j:1.0.0:milestone1.1:*:*:*:*:*:*
cpe:2.3:a:eclipse:deeplearning4j:1.0.0:milestone2:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.0022
Низкий
5.3 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-344
CWE-330
Связанные уязвимости
CVSS3: 5.3
github
около 3 лет назад
Use of unclaimed s3 bucket in tests and examples
EPSS
Процентиль: 44%
0.0022
Низкий
5.3 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-344
CWE-330