PyPI: Adversarial-Robustness-Toolbox

CVE-2021-34552

Transitive

Safety vulnerability ID: 41783

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Jul 13, 2021 Updated at Feb 18, 2024

Advisory

Adversarial-robustness-toolbox version 1.7.1 updates its dependency "Pillow" to a secure version. See CVE-2021-34552.

Affected package

adversarial-robustness-toolbox

Latest version: 1.17.1

Toolbox for adversarial machine learning.

Affected versions

Fixed versions

Vulnerability changelog

This release of ART 1.7.1 provides updates to ART 1.7.

Added

- Added wrapper `Mp3CompressionPyTorch` for `Mp3Compression` to make it compatible with PyTorch-specific attack implementations. (1210)
- Added new install option `non-framework` to `setup.py` to install all non-framework dependencies of ART. (1209)
- Added wrapper `VideoCompressionPyTorch` for `VideoCompression` to make it compatible with PyTorch-specific attack implementations. (1210)

Changed

- Changed `Mp3Compression` to add back reapplication of normalization to the compressed result. (1210)
- Changed `KerasClassifier.fit` to use batching provided by the method `fit` of the Keras model. (1182)

Removed

[None]

Fixed

- Fixed bug of not passing user-provided device type, and instead always using default `gpu`, to standardisation preprocessor in all `PyTorchEstimator` by using user-provided device type. (1223)
- Fixed bug in method `BaseEstimator.fit_generator` for fitting generators in cases where preprocessing is defined, to not apply preprocessing twice. (1219)
- Fixed bug in `ImperceptibleASRPyTorch` to prevent NaN loss value for batch size larger than 1 by removing unnecessary zero-padding. (1198)
- Fixed two bugs in `OverTheAirFlickeringPyTorch`: first, by making sure that the regularization norms are computed over the whole batch of perturbations rather than per sample's perturbation, and second, by making sure that the "roll" operations are performed over the batch samples rather than over the frames. (1192)
- Fixed bug in `SpectralSignatureDefense` that led to rejections of all clean images, by correctly indexing the label data. (1189)
- Fixed bug of accidentally removed checks for `apply_fit` and `apply_predict` properties of framework-independent `Preprocessor` tools in `PyTorchEstimator` and `TensorFlowV2Estimator`. With the bug the `Preprocessor` tools were always applied in methods `fit` and `predict` independent of the values of `apply_fit` and `apply_predict`. (1181)
- Fixed bug in `MembershipInferenceBlackBoxRemove.infer` by removing unnecessary shuffling of the test data. (1173)
- Fixed bug in `PixelAttack` and `ThresholdAttack` by casting input data to correct dtype. (1175)

Resources

Severity Details

CVSS Base Score

CRITICAL 9.8

CVSS v3 Details

CRITICAL 9.8

Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality Impact (C): HIGH
Integrity Impact (I): HIGH
Availability Impact (A): HIGH

CVSS v2 Details

HIGH 7.5

Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (Au): NONE
Confidentiality Impact (C): PARTIAL
Integrity Impact (I): PARTIAL
Availability Impact (A): PARTIAL