Path Traversal Vulnerability in NVIDIA Nemo Framework
CVE-2025-23360

7.1HIGH

Key Information:

Vendor
Nvidia
Vendor
CVE Published:
11 March 2025

Summary

The NVIDIA Nemo Framework is impacted by a vulnerability that allows for a relative path traversal through arbitrary file writing. An attacker could exploit this flaw to execute unauthorized code or alter data, leading to significant security risks. It is crucial for users of the Nemo Framework to be aware of this vulnerability and implement necessary security practices to mitigate potential exploitation.

Affected Version(s)

NeMo Framework Windows All versions prior to 24.12

References

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.