NVCaffe · CVE-2021-39158
**Name of the Vulnerable Software and Affected Versions**
NVCaffe versions prior to 0.17.4
**Description**
NVCaffe's list of required Python dependencies contains a reference to `gfortran`, a name that does not exist in the pypi.org repository. This could have allowed an attacker to post malicious files to pypi.org under that name, potentially causing a user to install them when installing NVCaffe's dependencies.
**Recommendations**
For versions prior to 0.17.4, update to version 0.17.4 or later to resolve the issue. As a temporary workaround, consider restricting the installation of dependencies from untrusted sources to minimize the risk of exploitation.
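One way to audit a requirements list for the condition in the Description, a dependency name that is not registered on the index, is sketched below. This is an added example, not NVCaffe's or NVIDIA's code: the function names are hypothetical, and the sample requirement lines (apart from `gfortran`) and the `KNOWN` index snapshot are constructed.

```python
import re
import urllib.error
import urllib.request

def normalize(name):
    """PEP 503: lowercase, runs of '-', '_' and '.' become one '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

# Leading project name of a requirement line, before any specifier or extras.
_NAME = re.compile(r"^([A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?)")

def requirement_names(text):
    """Yield (line_number, normalized_name) for each requirement line."""
    for no, raw in enumerate(text.splitlines(), 1):
        line = re.sub(r"(^|\s)#.*$", "", raw).strip()   # drop comments
        if not line or line.startswith("-"):            # blanks, pip options (-r, -e, --hash)
            continue
        m = _NAME.match(line)
        if m:
            yield no, normalize(m.group(1))

def unregistered(text, exists):
    """Requirements whose name the index does not know; exists: name -> bool."""
    return [(no, name) for no, name in requirement_names(text) if not exists(name)]

def pypi_exists(name):
    """Live lookup: pypi.org answers 404 for a project name nobody has registered."""
    try:
        with urllib.request.urlopen(f"https://pypi.org/pypi/{name}/json", timeout=10):
            return True
    except urllib.error.HTTPError as err:
        if err.code == 404:
            return False
        raise  # other errors are not evidence either way

# Constructed sample: only `gfortran` comes from the advisory.
SAMPLE = """\
# constructed requirements list
Cython>=0.19.2
numpy>=1.7.1
gfortran
python_dateutil>=1.4,<2
"""
KNOWN = {"cython", "numpy", "python-dateutil"}  # constructed stand-in for the index

if __name__ == "__main__":
    for no, name in unregistered(SAMPLE, KNOWN.__contains__):
        print(f"line {no}: '{name}' is not registered on the index")
```

Passing `pypi_exists` instead of `KNOWN.__contains__` runs the same check against the live index. A name that does resolve still needs its owner and contents reviewed, since registration alone does not show the project is the one the requirements list intended.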