Nvidia Nemo Framework vulnerabilities

CVE-2025-23314 [HIGH] CWE-94 CVE-2025-23314: NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicio NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.

CVE-2025-23315 [HIGH] CWE-94 CVE-2025-23315: NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.

CVE-2025-23251 [HIGH] CWE-94 CVE-2025-23251: NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of gener NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of generation of code by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.

CVE-2025-23249 [HIGH] CWE-502 CVE-2025-23249: NVIDIA NeMo Framework contains a vulnerability where a user could cause a deserialization of untrust NVIDIA NeMo Framework contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.

CVE-2025-23250 [HIGH] CWE-22 CVE-2025-23250: NVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper limitation NVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper limitation of a pathname to a restricted directory by an arbitrary file write. A successful exploit of this vulnerability might lead to code execution and data tampering.

CVE-2025-23360 [HIGH] CWE-23 CVE-2025-23360: NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal is NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal issue by arbitrary file write. A successful exploit of this vulnerability may lead to code execution and data tampering.