{"id":"PYSEC-2022-175","details":"Insecure Temporary File in GitHub repository horovod/horovod prior to 0.24.0.","aliases":["CVE-2022-0315","GHSA-47wv-vhj2-g66m"],"modified":"2023-11-01T04:57:04.542099Z","published":"2022-03-24T09:15:00Z","references":[{"type":"WEB","url":"https://huntr.dev/bounties/7e50397b-dd63-4bb5-b56d-704094a7da45"},{"type":"FIX","url":"https://github.com/horovod/horovod/commit/b96ecae4dc69fc0a83c7c2d3f1dde600c20a1b41"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-47wv-vhj2-g66m"}],"affected":[{"package":{"name":"horovod","ecosystem":"PyPI","purl":"pkg:pypi/horovod"},"ranges":[{"type":"GIT","repo":"https://github.com/horovod/horovod","events":[{"introduced":"0"},{"fixed":"b96ecae4dc69fc0a83c7c2d3f1dde600c20a1b41"}]},{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.24.0"}]}],"versions":["0.10.0","0.10.1","0.10.2","0.11.0","0.11.1","0.11.2","0.11.3","0.12.0","0.12.1","0.13.0","0.13.1","0.13.10","0.13.11","0.13.2","0.13.3","0.13.4","0.13.5","0.13.6","0.13.7","0.13.8","0.14.0","0.14.1","0.15.0","0.15.1","0.15.2","0.16.0","0.16.1","0.16.2","0.16.3","0.16.4","0.18.0","0.18.1","0.18.2","0.19.0","0.19.1","0.19.2","0.19.3","0.19.4","0.19.5","0.20.0","0.20.1","0.20.2","0.20.3","0.21.0","0.21.1","0.21.2","0.21.3","0.22.0","0.22.1","0.23.0","0.9.0","0.9.1","0.9.10","0.9.11","0.9.12","0.9.2","0.9.3","0.9.4","0.9.5","0.9.6","0.9.7","0.9.8","0.9.9"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/horovod/PYSEC-2022-175.yaml"}}],"schema_version":"1.7.3"}