CVE-2025-23320

{"id": "CVE-2025-23320", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@nvidia.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-08-06T13:15:39.633", "references": [{"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23320", "tags": ["US Government Resource"], "source": "psirt@nvidia.com"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5687", "tags": ["Vendor Advisory"], "source": "psirt@nvidia.com"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2025-23320", "tags": ["Third Party Advisory"], "source": "psirt@nvidia.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@nvidia.com", "description": [{"lang": "en", "value": "CWE-209"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause the shared memory limit to be exceeded by sending a very large request. A successful exploit of this vulnerability might lead to information disclosure."}, {"lang": "es", "value": "NVIDIA Triton Inference Server para Windows y Linux contiene una vulnerabilidad en el backend de Python, donde un atacante podr\u00eda sobrepasar el l\u00edmite de memoria compartida al enviar una solicitud muy grande. Explotar esta vulnerabilidad podr\u00eda resultar en la divulgaci\u00f3n de informaci\u00f3n."}], "lastModified": "2025-08-12T16:34:52.427", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:triton_inference_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2168003B-4C9F-4733-89F5-EA17B1228F95", "versionEndExcluding": "25.07"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@nvidia.com"}