4 matches found
EUVD-2020-17077
Malware in sbrugna...
GHSA-47WV-VHJ2-G66M Use of insecure temporary file in Horovod
Impact The insecure tempfile.mktemp is used when Horovod is run in an LSF job with jsrun. In that situation, a jsrun rank file is created with mktemp, which could be hijacked by another process to read or manipulate the content. This issue does not impact the use of MPI, Gloo, Spark or Ray. Patch...
Use of insecure temporary file in Horovod
Impact The insecure tempfile.mktemp is used when Horovod is run in an LSF job with jsrun. In that situation, a jsrun rank file is created with mktemp, which could be hijacked by another process to read or manipulate the content. This issue does not impact the use of MPI, Gloo, Spark or Ray. Patch...
Artifex Software MuJS Buffer Overflow Vulnerability (CNVD-2017-05278)
Artifex Software MuJS is a lightweight JavaScript interpreter from Artifex Software, USA, which is used to embed into other software to provide script execution capabilities. A buffer overflow vulnerability exists in the 'jsstackoverflow' function of the jsrun.c file in Artifex Software MuJS. An...