CVE-2022-0315: Use of insecure temporary file in Horovod
Insecure Temporary File in GitHub repository horovod/horovod prior to 0.24.0.
References
- github.com/advisories/GHSA-47wv-vhj2-g66m
- github.com/horovod/horovod/commit/b96ecae4dc69fc0a83c7c2d3f1dde600c20a1b41
- github.com/horovod/horovod/pull/3358
- github.com/horovod/horovod/security/advisories/GHSA-47wv-vhj2-g66m
- huntr.dev/bounties/7e50397b-dd63-4bb5-b56d-704094a7da45
- nvd.nist.gov/vuln/detail/CVE-2022-0315
Detect and mitigate CVE-2022-0315 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →