Safety vulnerability ID: 72506
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Nvflare has upgraded the installation dependency, Werkzeug, to version 3.0.3 to address CVE-2024-34069.
Latest version: 2.5.1
Federated Learning Application Runtime Environment
What's Changed
* Add min_responses to send_model_and_wait() by SYangster in https://github.com/NVIDIA/NVFlare/pull/2675
* Resolve CVE with updated dependency by IsaacYangSLA in https://github.com/NVIDIA/NVFlare/pull/2681
* Add site enhancements by SYangster in https://github.com/NVIDIA/NVFlare/pull/2682
* Enhance ModelController arguments by SYangster in https://github.com/NVIDIA/NVFlare/pull/2683
* FOBS Enhancement by nvidianz in https://github.com/NVIDIA/NVFlare/pull/2580
* [2.5] Support app commands through admin by yanchengnv in https://github.com/NVIDIA/NVFlare/pull/2647
* Updates for num_clients by SYangster in https://github.com/NVIDIA/NVFlare/pull/2685
* FedAvg Early Stopping with ModelController by SYangster in https://github.com/NVIDIA/NVFlare/pull/2648
* fixed TaskScriptRunner which may locate the wrong script by yhwen in https://github.com/NVIDIA/NVFlare/pull/2626
* Fixed the sys.path for fedavg_model_learner_xsite_val_cifar10 example by yhwen in https://github.com/NVIDIA/NVFlare/pull/2614
* Update getting started notebooks for 2.5.0rc by SYangster in https://github.com/NVIDIA/NVFlare/pull/2690
* Fix Fed Stats due to recent changes by chesterxgchen in https://github.com/NVIDIA/NVFlare/pull/2691
* Support server side custom scripts in job API by holgerroth in https://github.com/NVIDIA/NVFlare/pull/2695
* update notebooks due to the simulator changes by chesterxgchen in https://github.com/NVIDIA/NVFlare/pull/2696
* Fix DAM Unit Test by nvidianz in https://github.com/NVIDIA/NVFlare/pull/2692
* Update version number MONAI and the bundle version by nvkevlu in https://github.com/NVIDIA/NVFlare/pull/2702
* Add Hierarchical Stats example by apatole in https://github.com/NVIDIA/NVFlare/pull/2694
* Update Hello Client Controlled Workflow(CCWF) README.md by tonywjs in https://github.com/NVIDIA/NVFlare/pull/2709
* Update stats READMEs by apatole in https://github.com/NVIDIA/NVFlare/pull/2711
* Fix torch ddp by YuanTingHsieh in https://github.com/NVIDIA/NVFlare/pull/2706
* Cherry pick RM fix from 2667 by YuanTingHsieh in https://github.com/NVIDIA/NVFlare/pull/2700
* Update ClientAlgo by YuanTingHsieh in https://github.com/NVIDIA/NVFlare/pull/2705
* Fix ClientAPILauncherExecutor import path to remove torch dependency. by zhijinl in https://github.com/NVIDIA/NVFlare/pull/2713
* Fix cyclic job creation example by holgerroth in https://github.com/NVIDIA/NVFlare/pull/2627
* Use ReliableMessage from 2.4 by YuanTingHsieh in https://github.com/NVIDIA/NVFlare/pull/2717
* Enhance CLI command config by YuanTingHsieh in https://github.com/NVIDIA/NVFlare/pull/2716
* Add CrossSiteEval with ModelController by SYangster in https://github.com/NVIDIA/NVFlare/pull/2699
* Enhance job auth setup script by YuanTingHsieh in https://github.com/NVIDIA/NVFlare/pull/2715
* Merging XGBoost changes from 2.4 by nvidianz in https://github.com/NVIDIA/NVFlare/pull/2712
* [2.5] Fix pipe handler race condition handling by yanchengnv in https://github.com/NVIDIA/NVFlare/pull/2728
* Remove serialization of pfx by IsaacYangSLA in https://github.com/NVIDIA/NVFlare/pull/2721
* Update readme link to website by SYangster in https://github.com/NVIDIA/NVFlare/pull/2734
* Fix BcastTaskManager min_responses by SYangster in https://github.com/NVIDIA/NVFlare/pull/2733
* Fix cell encrypt by YuanTingHsieh in https://github.com/NVIDIA/NVFlare/pull/2732
* keep the local resources for simulator by yhwen in https://github.com/NVIDIA/NVFlare/pull/2730
* Support same app for all sites in Job API by holgerroth in https://github.com/NVIDIA/NVFlare/pull/2714
* Fix overseer test timing by YuanTingHsieh in https://github.com/NVIDIA/NVFlare/pull/2743
* Add ModelController documentation by SYangster in https://github.com/NVIDIA/NVFlare/pull/2707
* [2.5] TIE (Technology for Integrating Everything) and Flower Inegration by yanchengnv in https://github.com/NVIDIA/NVFlare/pull/2523
* Add MetricsSender docstring by YuanTingHsieh in https://github.com/NVIDIA/NVFlare/pull/2745
* Update MONAI example by YuanTingHsieh in https://github.com/NVIDIA/NVFlare/pull/2724
* [2.5] Fix clone job to keep original job by yanchengnv in https://github.com/NVIDIA/NVFlare/pull/2755
* Bump up the version of monai-nvflare package to 0.2.9 by IsaacYangSLA in https://github.com/NVIDIA/NVFlare/pull/2749
* Update getting_started.rst by hwpang in https://github.com/NVIDIA/NVFlare/pull/2737
* Add CIFAR 10 examples for Tensorflow-based FedAvg & FedOpt by zhijinl in https://github.com/NVIDIA/NVFlare/pull/2704
* Minor fix for instructions in setup_poc.ipynb for main by hwpang in https://github.com/NVIDIA/NVFlare/pull/2752
* Added id to the jobAPI swarm_script_executor_cifar10 component deploy by yhwen in https://github.com/NVIDIA/NVFlare/pull/2678
* XGBoost plugin with new API by nvidianz in https://github.com/NVIDIA/NVFlare/pull/2725
New Contributors
* tonywjs made their first contribution in https://github.com/NVIDIA/NVFlare/pull/2709
* hwpang made their first contribution in https://github.com/NVIDIA/NVFlare/pull/2737
**Full Changelog**: https://github.com/NVIDIA/NVFlare/compare/2.5.0rc1...2.5.0rc2
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application