PYSEC-2023-81

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/mindspore/PYSEC-2023-81.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2023-81
Aliases
Published
2023-05-30T06:16:00Z
Modified
2023-11-08T04:12:21.122851Z
Summary
[none]
Details

A vulnerability classified as problematic was found in MindSpore 2.0.0-alpha/2.0.0-rc1. This vulnerability affects the function JsonHelper::UpdateArray of the file mindspore/ccsrc/minddata/dataset/util/json_helper.cc. The manipulation leads to memory corruption. The name of the patch is 30f4729ea2c01e1ed437ba92a81e2fc098d608a9. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-230176.

References

Affected packages

PyPI / mindspore

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.2.0
0.3.1
0.7.0

1.*

1.0.0
1.0.1
1.1.0
1.1.1
1.2.0
1.2.1
1.3.0
1.5.2
1.6.2
1.7.0
1.8.0
1.8.1
1.9.0
1.10.0

2.*

2.0.0a0
2.0.0rc1
2.0.0