PyPi: Nerfstudio

CVE-2022-38900

Transitive

Safety vulnerability ID: 55287

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Nov 28, 2022 Updated at Nov 11, 2024
Scan your Python projects for vulnerabilities →

Advisory

Nerfstudio 0.2.2 updates its NPM dependency 'decode-uri-component' to 0.2.2 to include a security fix.

Affected package

nerfstudio

Latest version: 1.1.5

All-in-one repository for state-of-the-art NeRFs

Affected versions

Fixed versions

Vulnerability changelog

TLDR: Mainly Bugfixes

What's Changed
* Docs fixes for viewer elements by brentyi in https://github.com/nerfstudio-project/nerfstudio/pull/1770
* Add documentation for LERF by chungmin99 in https://github.com/nerfstudio-project/nerfstudio/pull/1771
* add individual grad_scaler config by wuzirui in https://github.com/nerfstudio-project/nerfstudio/pull/1762
* Configurable ip address by tancik in https://github.com/nerfstudio-project/nerfstudio/pull/1779
* Added docs wording change and also --crop-bottom by THE-COB in https://github.com/nerfstudio-project/nerfstudio/pull/1767
* Update lerf docs by tancik in https://github.com/nerfstudio-project/nerfstudio/pull/1782
* Improve mask generation script for nuScenes data by ZiYang-xie in https://github.com/nerfstudio-project/nerfstudio/pull/1679
* Bump webpack from 5.74.0 to 5.80.0 in /nerfstudio/viewer/app by dependabot in https://github.com/nerfstudio-project/nerfstudio/pull/1783
* Bump decode-uri-component from 0.2.0 to 0.2.2 in /nerfstudio/viewer/app by dependabot in https://github.com/nerfstudio-project/nerfstudio/pull/1784
* Bump sideway/formula from 3.0.0 to 3.0.1 in /nerfstudio/viewer/app by dependabot in https://github.com/nerfstudio-project/nerfstudio/pull/1785
* Automatically reconnect to server by tancik in https://github.com/nerfstudio-project/nerfstudio/pull/1790
* Use current host in landing page by machenmusik in https://github.com/nerfstudio-project/nerfstudio/pull/1792
* force resolutions to newer versions for security by machenmusik in https://github.com/nerfstudio-project/nerfstudio/pull/1799
* Rerender order swap by kerrj in https://github.com/nerfstudio-project/nerfstudio/pull/1802
* Add trainer parsing by kerrj in https://github.com/nerfstudio-project/nerfstudio/pull/1801
* Fix element parsing by kerrj in https://github.com/nerfstudio-project/nerfstudio/pull/1803
* Fix folder labels type annotation by brentyi in https://github.com/nerfstudio-project/nerfstudio/pull/1805
* Update NGP related models with nerfacc 0.5.2 by liruilong940607 in https://github.com/nerfstudio-project/nerfstudio/pull/1809
* Render in threejs viewer by machenmusik in https://github.com/nerfstudio-project/nerfstudio/pull/1794
* Update renderer logs by tancik in https://github.com/nerfstudio-project/nerfstudio/pull/1817
* Fix profiler for PyTorch 2.0 by jkulhanek in https://github.com/nerfstudio-project/nerfstudio/pull/1812
* Allow masks with instant ngp dataparser by nepfaff in https://github.com/nerfstudio-project/nerfstudio/pull/1741
* force resolution of yaml for security by machenmusik in https://github.com/nerfstudio-project/nerfstudio/pull/1818
* Revert loading entire dataset to GPU if using masks by nepfaff in https://github.com/nerfstudio-project/nerfstudio/pull/1821
* fix_mask by Tao-11-chen in https://github.com/nerfstudio-project/nerfstudio/pull/1819
* Add missing .cu files to pyproject by tancik in https://github.com/nerfstudio-project/nerfstudio/pull/1824
* Refactor of image and video dataset conversion by MalcolmMielle in https://github.com/nerfstudio-project/nerfstudio/pull/1690
* Update README.md by akanazawa in https://github.com/nerfstudio-project/nerfstudio/pull/1828
* Auto update viewer version by tancik in https://github.com/nerfstudio-project/nerfstudio/pull/1825
* Fix typo in readme by liruilong940607 in https://github.com/nerfstudio-project/nerfstudio/pull/1833
* Reduce the GPU memory required in viewer for NGP methods by liruilong940607 in https://github.com/nerfstudio-project/nerfstudio/pull/1837
* fix crop_center by takeru in https://github.com/nerfstudio-project/nerfstudio/pull/1844
* Fix viewer meshing options by tancik in https://github.com/nerfstudio-project/nerfstudio/pull/1846
* Support equirectangular sensor with metashape by f-dy in https://github.com/nerfstudio-project/nerfstudio/pull/1841
* Fix typos in Ray Samplers docs by MvWouden in https://github.com/nerfstudio-project/nerfstudio/pull/1851
* Fix typos in SDF Field by MvWouden in https://github.com/nerfstudio-project/nerfstudio/pull/1860
* Remove unecessary assert in pixel sampler on image dimensions by maturk in https://github.com/nerfstudio-project/nerfstudio/pull/1861
* Update logging docs by tancik in https://github.com/nerfstudio-project/nerfstudio/pull/1863
* Add Tetra-NeRF to the docs by jkulhanek in https://github.com/nerfstudio-project/nerfstudio/pull/1862
* Tetra-NeRF docs - fix versions and table formatting. by jkulhanek in https://github.com/nerfstudio-project/nerfstudio/pull/1864
* Fix flag name in tetra-nerf by jkulhanek in https://github.com/nerfstudio-project/nerfstudio/pull/1870
* Fix torchfield 1749 1539 by SophusDavid in https://github.com/nerfstudio-project/nerfstudio/pull/1859
* SceneContraction maps to range [-2, 2], not [-1, 1]. by decrispell in https://github.com/nerfstudio-project/nerfstudio/pull/1872
* Quit when not using viewer by tancik in https://github.com/nerfstudio-project/nerfstudio/pull/1873
* Fix images to nerfstudio filename by MvWouden in https://github.com/nerfstudio-project/nerfstudio/pull/1853
* Remove nerfacc aabb by tancik in https://github.com/nerfstudio-project/nerfstudio/pull/1874
* Enable method config registration from env variable by jkulhanek in https://github.com/nerfstudio-project/nerfstudio/pull/1869
* v0.2.2 by tancik in https://github.com/nerfstudio-project/nerfstudio/pull/1875

New Contributors
* chungmin99 made their first contribution in https://github.com/nerfstudio-project/nerfstudio/pull/1771
* wuzirui made their first contribution in https://github.com/nerfstudio-project/nerfstudio/pull/1762
* ZiYang-xie made their first contribution in https://github.com/nerfstudio-project/nerfstudio/pull/1679
* nepfaff made their first contribution in https://github.com/nerfstudio-project/nerfstudio/pull/1741
* MalcolmMielle made their first contribution in https://github.com/nerfstudio-project/nerfstudio/pull/1690
* takeru made their first contribution in https://github.com/nerfstudio-project/nerfstudio/pull/1844
* MvWouden made their first contribution in https://github.com/nerfstudio-project/nerfstudio/pull/1851
* maturk made their first contribution in https://github.com/nerfstudio-project/nerfstudio/pull/1861
* SophusDavid made their first contribution in https://github.com/nerfstudio-project/nerfstudio/pull/1859

**Full Changelog**: https://github.com/nerfstudio-project/nerfstudio/compare/v0.2.1...v0.2.2

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

HIGH 7.5

CVSS v3 Details

HIGH 7.5
Attack Vector (AV)
NETWORK
Attack Complexity (AC)
LOW
Privileges Required (PR)
NONE
User Interaction (UI)
NONE
Scope (S)
UNCHANGED
Confidentiality Impact (C)
NONE
Integrity Impact (I)
NONE
Availability Availability (A)
HIGH