CVE-2025-23319
CVE-2025-23319
8.1
HighPublished:
Last updated:
Source:psirt@nvidia.com
Analyzed
Weakness (CWE)
CVSS Vector
v3.1- Attack Vector
- Network
- Attack Complexity
- High
- Privileges Required
- None
- User Interaction
- None
- Scope
- Unchanged
- Confidentiality
- High
- Integrity
- High
- Availability
- High
Description
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure.
References
psirt@nvidia.com
https://nvd.nist.gov/vuln/detail/CVE-2025-23319psirt@nvidia.com
https://nvidia.custhelp.com/app/answers/detail/a_id/5687psirt@nvidia.com
https://www.cve.org/CVERecord?id=CVE-2025-23319