PYSEC-2024-289

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/nemo-asr/PYSEC-2024-289.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2024-289

Aliases

CVE-2024-0081
GHSA-x392-p65g-4rxx

Published

2024-04-05T19:15:07.033Z

Modified

2026-05-21T15:00:08.668372732Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr_webapp where an attacker may cause an allocation of resources without limits or throttling. A successful exploit of this vulnerability may lead to a server-side denial of service.

References

https://github.com/NVIDIA/NeMo/security/advisories/GHSA-x392-p65g-4rxx

Affected packages

PyPI / nemo-asr

Package

Name: nemo-asr; View open source insights on deps.dev
Purl: pkg:pypi/nemo-asr

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

1.22.0

Affected versions

0.*

0.8

0.8.1

0.8.2

0.9.0

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/nemo-asr/PYSEC-2024-289.yaml"