CVE-2023-31036 Information

Description

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where when it is launched with the non-default command line option –model-control explicit an attacker may use the model load API to cause a relative path traversal. A successful exploit of this vulnerability may lead to code execution denial of service escalation of privileges information disclosure and data tampering.

Reference

https://nvidia.custhelp.com/app/answers/detail/a_id/5509