A vulnerability, which was classified as critical, has been found in NVIDIA NeMo up to All versions r2.0.0rc0. This issue affects the function
SaveRestoreConnector
of the component Tar File Extraction Handler. The manipulation leads to path traversal.
The identification of this vulnerability is CVE-2024-0129. Attacking locally is a requirement. There is no exploit available.
It is recommended to upgrade the affected component.