CVE-2025-23320
CVE-2025-23320
7.5
HighPublished:
Last updated:
Source:psirt@nvidia.com
Analyzed
Weakness (CWE)
CVSS Vector
v3.1- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- Scope
- Unchanged
- Confidentiality
- High
- Integrity
- None
- Availability
- None
Description
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause the shared memory limit to be exceeded by sending a very large request. A successful exploit of this vulnerability might lead to information disclosure.
References
psirt@nvidia.com
https://nvd.nist.gov/vuln/detail/CVE-2025-23320psirt@nvidia.com
https://nvidia.custhelp.com/app/answers/detail/a_id/5687psirt@nvidia.com
https://www.cve.org/CVERecord?id=CVE-2025-23320