CVE-2025-23250
published 2025-04-22CVE-2025-23250: NVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper limitation of a pathname to a restricted directory by an arbitrary…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper limitation of a pathname to a restricted directory by an arbitrary file write. A successful exploit of this vulnerability might lead to code execution and data tampering.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nvidia | nemo | < 25.02 | 25.02 |
| nvidia | nemo_framework | — | — |