关键漏洞信息 CVE ID: CVE-2025-23303 发布日期: 2025-08-13 更新日期: 2025-08-13 CNA: NVIDIA Corporation 描述 NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering. CWE CWE-502: Deserialization of Untrusted Data CVSS 评分: 7.8 严重性: HIGH 版本: 3.1 向量字符串: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 影响产品 厂商: NVIDIA 产品: NVIDIA NeMo Framework 平台: Windows, Linux, macOS 受影响版本: All versions prior to 2.3.2 参考链接 https://nvd.nist.gov/vuln/detail/CVE-2025-23303 https://www.cve.org/CVERecord?id=CVE-2025-23303 https://nvidia.custhelp.com/app/answers/detail/a_id/5686