Deserialization Vulnerability in NVIDIA NVTabular Workflow Component
CVE-2025-33214

8.8HIGH

Key Information:

Vendor: Nvidia
Status: Nvtabular
Vendor: CVE Published:; 9 December 2025

What is CVE-2025-33214?

NVIDIA NVTabular for Linux has a vulnerability in its Workflow component that allows attackers to exploit a deserialization issue. This flaw can potentially lead to various security concerns, including unauthorized code execution, service disruption, the disclosure of sensitive information, and the possibility of data tampering. It is crucial for users to understand the implications of this vulnerability and take necessary measures to mitigate potential risks.

Affected Version(s)

NVTabular Linux All versions that do not include commit 5dd11f4

References

https://nvd.nist.gov/vuln/detail/CVE-2025-33214

https://www.cve.org/CVERecord?id=CVE-2025-33214

https://nvidia.custhelp.com/app/answers/detail/a_id/5739

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 9, 2025
Vulnerability Reserved
Apr 15, 2025

JSON

Nvidia

What is CVE-2025-33214?

Affected Version(s)

References

CVSS V3.1

Timeline