Latest version: v2.5.1
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2024-34069 | 72506 |
Nvflare has upgraded the installation dependency, Werkzeug, to versio… |
|
- | - |
| PVE-2024-72482 | 72482 |
Certain versions of Nvflare are vulnerable to a race condition. The p… |
|
- | - |
| CVE-2024-34069 | 73134 |
NVFlare has updated its dependency on Werkzeug from version 3.0.1 to … |
|
- | - |
| PVE-2024-72751 | 72751 |
Nvflare addresses a potential race condition in the PipeHandler compo… |
|
- | - |
| CVE-2023-30861 | 59210 |
Nvflare 2.4.0rc1 updates its dependency 'flask' to version '2.2.5' to… |
|
HIGH | 7.5 |
| PVE-2023-54928 | 54928 |
Nvflare 2.3.0 uses secure logging for exceptions to avoid disclosing … |
|
- | - |
| PVE-2022-49491 | 49491 |
Nvflare 2.1.2 includes a fix for a DoS vulnerability in the admin con… |
|
- | - |
| PVE-2022-49496 | 49496 |
Nvflare 2.1.1 adds SecurityContentService for runner_process. https:… |
|
- | - |
| PVE-2022-49489 | 49489 |
Nvflare 2.1.1 signs and loads privilege yaml file by secure content s… |
|
- | - |
| PVE-2022-49498 | 49498 |
Nvflare 2.1.1 fixes a bug in 'ls' command that allowed path traversal… |
|
- | - |
| CVE-2022-34668 | 54069 |
Nvflare 2.1.4 includes a fix for CVE-2022-34668: Deserialization of U… |
|
CRITICAL | 9.8 |
| CVE-2022-31605 | 54410 |
NVFLARE, versions prior to 2.1.2, contains a vulnerability in its uti… |
|
CRITICAL | 9.8 |
| CVE-2022-31604 | 54409 |
NVFLARE, versions prior to 2.1.2, contains a vulnerability in its PKI… |
|
CRITICAL | 9.8 |
| CVE-2022-21822 | 54415 |
### Impact NVIDIA FLARE contains a vulnerability in Admin Interface, … |
|
HIGH | 7.5 |