CVE-2023-2970

A vulnerability classified as problematic was found in MindSpore 2.0.0-alpha/2.0.0-rc1. This vulnerability affects the function JsonHelper::UpdateArray of the file mindspore/ccsrc/minddata/dataset/util/json_helper.cc. The manipulation leads to memory corruption. The name of the patch is 30f4729ea2c01e1ed437ba92a81e2fc098d608a9. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-230176.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mindspore:mindspore:2.0.0:alpha:*:*:*:*:*:*
cpe:2.3:a:mindspore:mindspore:2.0.0:rc1:*:*:*:*:*:*

History

21 Nov 2024, 07:59

Type Values Removed Values Added
References () https://gitee.com/mindspore/mindspore/commit/30f4729ea2c01e1ed437ba92a81e2fc098d608a9 - Permissions Required () https://gitee.com/mindspore/mindspore/commit/30f4729ea2c01e1ed437ba92a81e2fc098d608a9 - Permissions Required
References () https://gitee.com/mindspore/mindspore/issues/I73DOS - Issue Tracking, Third Party Advisory () https://gitee.com/mindspore/mindspore/issues/I73DOS - Issue Tracking, Third Party Advisory
References () https://vuldb.com/?ctiid.230176 - Permissions Required () https://vuldb.com/?ctiid.230176 - Permissions Required
References () https://vuldb.com/?id.230176 - Permissions Required () https://vuldb.com/?id.230176 - Permissions Required
CVSS v2 : 2.7
v3 : 6.5
v2 : 2.7
v3 : 3.5

05 Jun 2023, 18:01

Type Values Removed Values Added
First Time Mindspore mindspore
Mindspore
References (MISC) https://vuldb.com/?ctiid.230176 - (MISC) https://vuldb.com/?ctiid.230176 - Permissions Required
References (MISC) https://gitee.com/mindspore/mindspore/issues/I73DOS - (MISC) https://gitee.com/mindspore/mindspore/issues/I73DOS - Issue Tracking, Third Party Advisory
References (MISC) https://gitee.com/mindspore/mindspore/commit/30f4729ea2c01e1ed437ba92a81e2fc098d608a9 - (MISC) https://gitee.com/mindspore/mindspore/commit/30f4729ea2c01e1ed437ba92a81e2fc098d608a9 - Permissions Required
References (MISC) https://vuldb.com/?id.230176 - (MISC) https://vuldb.com/?id.230176 - Permissions Required
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
CPE cpe:2.3:a:mindspore:mindspore:2.0.0:alpha:*:*:*:*:*:*
cpe:2.3:a:mindspore:mindspore:2.0.0:rc1:*:*:*:*:*:*

30 May 2023, 06:16

Type Values Removed Values Added
New CVE

Information

Published : 2023-05-30 06:16

Updated : 2024-11-21 07:59


NVD link : CVE-2023-2970

Mitre link : CVE-2023-2970

CVE.ORG link : CVE-2023-2970


JSON object : View

Products Affected

mindspore

  • mindspore
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer