Safety vulnerability ID: 67144
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Super-gradients 3.6.1 updates its ONNX dependency to version 1.16 to address a directory traversal vulnerability found in versions up to 1.15.0. This vulnerability allowed unauthorized access to files outside the intended directories due to an exploitable external_data field in tensor proto, circumventing previous fixes made for CVE-2022-25882.
Latest version: 3.7.1
SuperGradients
New Features
* Added DistributedSamplerWrapper to automatically wrap non-dist samplers in cases we use dist mode by NatanBagrov in https://github.com/Deci-AI/super-gradients/pull/1856
* YoloNAS_Pose_Fine_Tuning_Animals_Pose_Dataset by ofrimasad in https://github.com/Deci-AI/super-gradients/pull/1876
* Introduce fp16 flag to enable/disable mixed precision for predict() by BloodAxe in https://github.com/Deci-AI/super-gradients/pull/1881
* Feature/sg 1386 granular control over export in ptq and qat by BloodAxe in https://github.com/Deci-AI/super-gradients/pull/1879
Deprecations
* Deprecate tight_box_rotation parameters in COCODetectionDataset by BloodAxe in https://github.com/Deci-AI/super-gradients/pull/1786
Improvements
* `pycocotools` dependency removed by BloodAxe in https://github.com/Deci-AI/super-gradients/pull/1791
* Added explicit antialias=False to ensure we can export torchvision Resize to ONNX by BloodAxe in https://github.com/Deci-AI/super-gradients/pull/1824
* Updated colab notebook to include line that initializes plugins by BloodAxe in https://github.com/Deci-AI/super-gradients/pull/1822
* Feature/sg 000 add note that qat only supports gpu by shaydeci in https://github.com/Deci-AI/super-gradients/pull/1830
* Added more hydra resolvers by NatanBagrov in https://github.com/Deci-AI/super-gradients/pull/1829
* Added crash tip for the case when SGLogger is None by shaydeci in https://github.com/Deci-AI/super-gradients/pull/1799
* Added YoloNAS-Pose fine-tuning notebook by BloodAxe in https://github.com/Deci-AI/super-gradients/pull/1831
* allow flexibility to provide absolute path to annotations by NatanBagrov in https://github.com/Deci-AI/super-gradients/pull/1840
* fix vulnerabilities by ofrimasad in https://github.com/Deci-AI/super-gradients/pull/1861
* fix onnx version by ofrimasad in https://github.com/Deci-AI/super-gradients/pull/1863
* fix tarfile extraction by ofrimasad in https://github.com/Deci-AI/super-gradients/pull/1868
Bugfixes
* fixed an issue with eval forcing to have a val_dataloader in config by NatanBagrov in https://github.com/Deci-AI/super-gradients/pull/1823
* Fix typo error in ann_areas vs ann_area attribute by BloodAxe in https://github.com/Deci-AI/super-gradients/pull/1828
* Added fixed random seed to not depend of randomness of initialized weights by BloodAxe in https://github.com/Deci-AI/super-gradients/pull/1839
* Fixed a wrong color channel order when processing images from webcamera and improved exception message when on MacOS by BloodAxe in https://github.com/Deci-AI/super-gradients/pull/1821
* Bugfix by ofrimasad in https://github.com/Deci-AI/super-gradients/pull/1874
* fix a bug when ploting a dataset with images in a range other than 0-255 by ofrimasad in https://github.com/Deci-AI/super-gradients/pull/1884
* Fixed speed of COCO dataset parsing by BloodAxe in https://github.com/Deci-AI/super-gradients/pull/1888
Other
* Update welcome.md by ofrimasad in https://github.com/Deci-AI/super-gradients/pull/1790
* Update README.md - voxel51 integration by Shani-Perl in https://github.com/Deci-AI/super-gradients/pull/1827
* fix vulnerability by ofrimasad in https://github.com/Deci-AI/super-gradients/pull/1872
* Bug/sg 1247 reoarganize tests by shaydeci in https://github.com/Deci-AI/super-gradients/pull/1789
* Added warning message for dataset license by shaydeci in https://github.com/Deci-AI/super-gradients/pull/1846
**Full Changelog**: https://github.com/Deci-AI/super-gradients/compare/3.6.0...3.6.1
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application