CNNVD-202508-3065 Information

CNNVD ID

CNNVD-202508-3065

Related CVE

CVE-2025-23314

• CNNVD Published: 2025-08-26

Description (Chinese)

NVIDIA Nemo Framework是美国英伟达（NVIDIA）公司的一款用于构建和部署生成式 AI 模型的框架。 NVIDIA Nemo Framework存在代码注入漏洞，该漏洞源于NLP组件中恶意数据可能导致代码注入，进而导致代码执行、权限提升、信息泄露和数据篡改。

Description (English)

NVIDIA Nemo Framework is a framework for the construction and deployment of a generated AI model by NVIDIA. NVIDIA Nemo Framewok has a code-infusion loophole, which stems from malicious data in the NLP component that may result in code-injection, which in turn leads to code execution, power enhancement, information leak and data manipulation.

Hazard Level

Medium

Vulnerability Type

代码注入

Affected Vendor

英伟达

Published

2025-08-26

Last Modified

2026-02-24

References

https://www.cve.org/CVERecord?id=CVE-2025-23314 https://nvidia.custhelp.com/app/answers/detail/a_id/5689 https://nvd.nist.gov/vuln/detail/CVE-2025-23314

Patch

https://nvidia.custhelp.com/app/answers/detail/a_id/5689