CVE-2025-23294_CVE-2025-23294

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

NVIDIA WebDataset for all platforms contains a vulnerability where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.

Basic Information

ID CVE-2025-23294

Source nvidia

Published Aug 13, 2025 at 17:08

Modified Aug 13, 2025 at 17:49

Affected Product

Vendor NVIDIA

Product NVIDIA WebDataset

Version All versions that do not include code commit 9e95f50

Affected Versions NVIDIA NVIDIA WebDataset All versions that do not include code commit 9e95f50

CWE Classification

CWE-78

References

{
    "lastseen": "",
    "description": "NVIDIA WebDataset for all platforms contains a vulnerability where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.",
    "published": "2025-08-13T17:08:13.453Z",
    "modified": "2025-08-13T17:49:03.240Z",
    "type": "cve",
    "title": "CVE-2025-23294",
    "source": "nvidia",
    "references": "https://nvd.nist.gov/vuln/detail/CVE-2025-23294\nhttps://www.cve.org/CVERecord?id=CVE-2025-23294\nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5658",
    "id": "CVE-2025-23294",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78"
    ],
    "cvelist": null,
    "sourceData": "NVIDIA NVIDIA WebDataset All versions that do not include code commit 9e95f50",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "NVIDIA WebDataset",
    "version": "All versions that do not include code commit 9e95f50",
    "vendor": "NVIDIA",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}