CNNVD-202508-1411 Information

CNNVD ID

CNNVD-202508-1411

Related CVE

CVE-2025-23304

• CNNVD Published: 2025-08-13

Description (Chinese)

NVIDIA NeMo library是美国英伟达（NVIDIA）公司的一个深度学习工具库。 NVIDIA NeMo library存在路径遍历漏洞，该漏洞源于模型加载组件可能导致代码注入，可能导致远程代码执行和数据篡改。

Description (English)

NVIDIA NeMo library is an in-depth learning tool for NVIDIA. NVIDIA NeMo library has a loophole in its path, which stems from the fact that model loading components may result in code injections and may result in remote code execution and data manipulation.

Hazard Level

Medium

Vulnerability Type

路径遍历

Affected Vendor

英伟达

Published

2025-08-13

Last Modified

2026-02-24

References

https://nvd.nist.gov/vuln/detail/CVE-2025-23304 https://nvidia.custhelp.com/app/answers/detail/a_id/5686 https://www.cve.org/CVERecord?id=CVE-2025-23304

Patch

https://nvidia.custhelp.com/app/answers/detail/a_id/5686