NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal issue by arbitrary file write. A successful exploit of this vulnerability may lead to code execution and data tampering.
Advisories
Source ID Title
EUVD EUVD EUVD-2025-7627 NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal issue by arbitrary file write. A successful exploit of this vulnerability may lead to code execution and data tampering.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 23 Sep 2025 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows
Nvidia
Nvidia nemo
CPEs cpe:2.3:a:nvidia:nemo:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows
Nvidia
Nvidia nemo

Fri, 11 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.0002}

epss

{'score': 0.00027}


Tue, 11 Mar 2025 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 11 Mar 2025 20:00:00 +0000

Type Values Removed Values Added
Description NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal issue by arbitrary file write. A successful exploit of this vulnerability may lead to code execution and data tampering.
Weaknesses CWE-23
References
Metrics cvssV3_1

{'score': 7.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: nvidia

Published:

Updated: 2025-03-11T20:01:56.499Z

Reserved: 2025-01-14T01:07:26.681Z

Link: CVE-2025-23360

cve-icon Vulnrichment

Updated: 2025-03-11T20:01:53.075Z

cve-icon NVD

Status : Analyzed

Published: 2025-03-11T20:15:16.633

Modified: 2025-09-23T19:12:03.027

Link: CVE-2025-23360

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.