CNNVD-202511-2726 Information
CNNVD ID
CNNVD-202511-2726
Related CVE
- CNNVD Published: 2025-11-25
Description (Chinese)
NVIDIA Nemo Framework是美国英伟达(NVIDIA)公司的一款用于构建和部署生成式 AI 模型的框架。 NVIDIA Nemo Framework存在代码注入漏洞,该漏洞源于NLP和LLM组件中存在恶意数据,可能导致代码注入,可能导致代码执行、权限提升、信息泄露和数据篡改。
Description (English)
NVIDIA Nemo Framework is a framework for the construction and deployment of a generated AI model by NVIDIA. NVIDIA Nemo Framework has a code-infusion loophole, which stems from the presence of malicious data in the NLP and LLM components, which can lead to code-injection, which can lead to code execution, power enhancement, information leakage and data manipulation.
Hazard Level
Medium
Vulnerability Type
代码注入
Affected Vendor
英伟达
Published
2025-11-25
Last Modified
2026-02-24
References
https://www.cve.org/CVERecord?id=CVE-2025-33204 https://nvidia.custhelp.com/app/answers/detail/a_id/5729 https://nvd.nist.gov/vuln/detail/CVE-2025-33204 https://access.redhat.com/security/cve/cve-2025-33204
Patch
https://nvidia.custhelp.com/app/answers/detail/a_id/5729
Share on: