ГлавнаяУязвимости → CVE-2024-0095
9критическая

CVE-2024-0095

Описание

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can inject forged logs and executable commands by injecting arbitrary data as a new log entry. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Затрагиваемое ПО
Nvidia Triton inference serverLinux Linux kernelMicrosoft Windows
CVSS
Балл9 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H
Источники
https://nvidia.custhelp.com/app/answers/detail/a_id/5546https://nvidia.custhelp.com/app/answers/detail/a_id/5546