0.003 Low
EPSS
Percentile
70.2%
NVFLARE is vulnerable to unsafe deserialization. The use of unsafe Pickle function allows an unprivileged network attacker to cause Remote Code Execution.
packetstormsecurity.com/files/171483/NVFLARE-Unsafe-Deserialization.html
github.com/advisories/GHSA-6qv6-q77g-7qm6
github.com/NVIDIA/NVFlare/commit/6cde16f3f4711583ae4d896dfcc125d25c7d5b0d
github.com/NVIDIA/NVFlare/security/advisories/GHSA-6qv6-q77g-7qm6