Preface: If successful, a path traversal attack may result in the following risks: Unauthorized data access: An attacker can gain access to sensitive files, such as configuration files, system files, or source code, which may include credentials, application code and data, and sensitive operating system files.
Background: NVIDIA NeMo™ is an end-to-end platform for developing custom generative AI—including large language models (LLMs), multimodal, vision, and speech AI—anywhere. Deliver enterprise-ready models with precise data curation, cutting-edge customization, retrieval-augmented generation (RAG), and accelerated performance.
NeMo provides a standardized method to save a tarfile containing the checkpoint, config, and any additional artifacts. It is implemented via nemo[.]core[.]connectors.
Vulnerability details: NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. A successful exploit of this vulnerability may lead to code execution and data tampering.
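One way to guard a tar-based checkpoint restore against the path traversal described above. This is an added example, not NeMo's code or NVIDIA's fix; the function names and the sample member names are hypothetical, and the archives are constructed in memory.

```python
import io
import os
import tarfile
import tempfile


def is_unsafe(member, root):
    """True if member escapes root or is not a plain file/directory."""
    target = os.path.realpath(os.path.join(root, member.name))
    escapes = os.path.commonpath([root, target]) != root
    # Links can redirect later writes; devices and FIFOs do not belong here.
    return escapes or not (member.isfile() or member.isdir())


def safe_extract(archive, dest):
    """Extract a tar file object into dest only if every member is safe."""
    os.makedirs(dest, exist_ok=True)
    root = os.path.realpath(dest)
    with tarfile.open(fileobj=archive, mode="r:*") as tar:
        bad = [m.name for m in tar.getmembers() if is_unsafe(m, root)]
        if bad:
            raise ValueError(f"refusing to extract, unsafe members: {bad}")
        # Use the stdlib "data" filter as a second layer where it exists.
        extra = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
        tar.extractall(dest, **extra)
    return sorted(os.listdir(dest))


def build_archive(names):
    """Constructed sample input: in-memory tar with one small file per name."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in names:
            info = tarfile.TarInfo(name)
            info.size = len(b"sample\n")
            tar.addfile(info, io.BytesIO(b"sample\n"))
    return io.BytesIO(buf.getvalue())


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "restore")
        ok = safe_extract(build_archive(["model_config.yaml", "model_weights.ckpt"]), dest)
        try:
            safe_extract(build_archive(["model_config.yaml", "../escaped.txt"]), dest)
            blocked = False
        except ValueError:
            blocked = True
        return ok, blocked, os.path.exists(os.path.join(tmp, "escaped.txt"))
```

The check rejects the whole archive before anything is written, so a single bad member cannot leave a partially restored checkpoint behind.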
Official announcement: Please refer to the link for details – https://nvidia.custhelp.com/app/answers/detail/a_id/5580