Homepage

wandb@0.15.6 vulnerabilities

A CLI and library for interacting with the Weights & Biases API.

  • latest version

    0.19.9

  • latest non vulnerable version

    0.19.9

  • first published

    8 years ago

  • latest version published

    20 days ago

  • licenses detected

  • View wandb package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the wandb package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Race Condition

    wandb is an A CLI and library for interacting with the Weights and Biases API.

    Affected versions of this package are vulnerable to Race Condition in the thread cleanup behavior in the finish_thread_id() function in agent.py. An attacker can access job status from an unauthorized thread if they are accessed or modified at the same time, which could cause data corruption.

    How to fix Race Condition?

    Upgrade wandb to version 0.15.12 or higher.

    [,0.15.12)
    • M
    Race Condition

    wandb is an A CLI and library for interacting with the Weights and Biases API.

    Affected versions of this package are vulnerable to Race Condition in handler.go and writer.go that allows attackers to access or modify data, especially in concurrent environments.

    How to fix Race Condition?

    Upgrade wandb to version 0.15.10 or higher.

    [,0.15.10)
    Go back to all versions of this package