关键漏洞信息 CVE-2025-23295 Detail 状态: Awaiting Analysis 描述: NVIDIA Apex for all platforms contains a vulnerability in a Python component where an attacker could cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. 快速信息 CVE字典条目: CVE-2025-23295 NVD发布日期: 08/13/2025 NVD最后修改日期: 08/14/2025 来源: NVIDIA Corporation 指标 CVSS版本: 4.0, 3.x, 2.0 CVSS 3.x 严重性和向量字符串: - NIST: Base Score: N/A (NVD评估尚未提供) - CNA: NVIDIA Corporation: Base Score: 7.8 HIGH - Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 弱点枚举 CWE-ID: CWE-94 CWE名称: Improper Control of Generation of Code ('Code Injection') 来源: NVIDIA Corporation 变更历史 1个变更记录找到,显示更改。