CVE-2021-39158
- Source
- https://cve.org/CVERecord?id=CVE-2021-39158
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-39158.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-39158
- Related
- Published
- 2021-08-23T21:15:09.643Z
- Modified
- 2026-02-04T02:19:58.058358Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
NVCaffe's python required dependencies list used to contain
gfortranversion prior to 0.17.4, entry which does not exist in the repository pypi.org. An attacker could potentially have posted malicious files to pypi.org causing a user to install it within NVCaffe. - References
Affected packages
Git / github.com/nvidia/caffe
Affected ranges
- Type
- GIT
- Repo
- https://github.com/nvidia/caffe
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v0.*
v0.10.0
v0.11.0
v0.11.1
v0.12.0
v0.12.1
v0.13.0
v0.13.1
v0.13.2
v0.14-alpha
v0.14.0
v0.14.0-beta
v0.14.0-beta.1
v0.14.0-rc.1
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.1
v0.14.2
v0.14.3
v0.15.1
v0.15.10
v0.15.11
v0.15.12
v0.15.13
v0.15.14
v0.15.2
v0.15.3
v0.15.4
v0.15.5
v0.15.6
v0.15.7
v0.15.8
v0.15.9
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.16.5
v0.16.6
v0.17.0
v0.17.1
v0.17.2
v0.17.3