NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services component, where malicious data created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
Metrics
Affected Vendors & Products
References
History
Wed, 27 Aug 2025 11:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Nvidia
Nvidia nemo |
|
Vendors & Products |
Nvidia
Nvidia nemo |
Tue, 26 Aug 2025 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 26 Aug 2025 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services component, where malicious data created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | |
Weaknesses | CWE-94 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: nvidia
Published:
Updated: 2025-08-27T03:55:17.096Z
Reserved: 2025-01-14T01:06:28.098Z
Link: CVE-2025-23312

Updated: 2025-08-26T19:58:09.144Z

Status : Awaiting Analysis
Published: 2025-08-26T19:15:38.610
Modified: 2025-08-29T16:22:31.970
Link: CVE-2025-23312

No data.

Updated: 2025-08-27T11:21:30Z