Path Traversal Vulnerability in NVIDIA Nemo Framework
CVE-2025-23360
7.1HIGH
Summary
The NVIDIA Nemo Framework is impacted by a vulnerability that allows for a relative path traversal through arbitrary file writing. An attacker could exploit this flaw to execute unauthorized code or alter data, leading to significant security risks. It is crucial for users of the Nemo Framework to be aware of this vulnerability and implement necessary security practices to mitigate potential exploitation.
Affected Version(s)
NeMo Framework Windows All versions prior to 24.12
References
CVSS V3.1
Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved