PyPi: Geti-Sdk

CVE-2023-38325

Transitive

Safety vulnerability ID: 65667

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Jul 14, 2023 Updated at Nov 29, 2024

Advisory

Geti-sdk version 1.8.0 now requires cryptography version 41.0.2 or higher in response to CVE-2023-38325.

Affected package

geti-sdk

Latest version: 2.5.0

Software Development Kit for the Intel® Geti™ platform

Affected versions

Fixed versions

Vulnerability changelog

What's Changed
* Predict video on local by jihyeonyi in https://github.com/openvinotoolkit/geti-sdk/pull/243
* Update job datamodel for new job scheduler by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/251
* Add `model` key to TestMetaData by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/252
* Improve error handling for version parsing by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/253
* Update SECURITY.md by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/256
* Add `nosec` for safe subprocess use in `predict_video.py` by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/257
* Update openvino to 2023.0 and OTX to v1.4 by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/255
* Update opencv-python requirement from ==4.5.* to ==4.8.* in /requirements by dependabot in https://github.com/openvinotoolkit/geti-sdk/pull/249
* Bump orjson from 3.8.8 to 3.9.2 in /requirements by dependabot in https://github.com/openvinotoolkit/geti-sdk/pull/250
* Enable using pre-production dependencies in test builds by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/258
* Update the list of third party programs by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/259
* Require `cryptography>=41.0.2` for security reasons by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/260
* Fix for responding to Project Key values in the REST API by harimkang in https://github.com/openvinotoolkit/geti-sdk/pull/264
* Disable parallel execution on pre-merge tests by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/270
* Fix model_api import and model creation for deployments by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/268
* CVS-116946 Make platform version parsing robust by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/269
* Update Performance attribute interfaces by harimkang in https://github.com/openvinotoolkit/geti-sdk/pull/271
* CVS-118292 Update ATSS algo name by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/272
* Fix deployment postprocessing by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/273
* Fix OVMS configuration generation for Geti v1.8 by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/276
* Update data model for `Algorithm` by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/278
* Update configurable parameter data model by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/279
* correct H1 level heading by adamczap in https://github.com/openvinotoolkit/geti-sdk/pull/280
* Update `TestResult` data model by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/281
* Fix a potential infinite loop in the label helpers by ljcornel in https://github.com/openvinotoolkit/geti-sdk/pull/285


**Full Changelog**: https://github.com/openvinotoolkit/geti-sdk/compare/v1.5.8...v.1.8.0

Severity Details

CVSS Base Score

HIGH 7.5

CVSS v3 Details

HIGH 7.5
* Attack Vector (AV): NETWORK
* Attack Complexity (AC): LOW
* Privileges Required (PR): NONE
* User Interaction (UI): NONE
* Scope (S): UNCHANGED
* Confidentiality Impact (C): NONE
* Integrity Impact (I): HIGH
* Availability Impact (A): NONE