What is CVE-2024-0095?

CVE-2024-0095 is a medium-severity vulnerability in Nvidia Triton Inference Server, classified under Improper Output Neutralization for Logs. CVSS score: 4.3/10. Published 2024-06-13.

How severe is CVE-2024-0095?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Vulnerability in Nvidia Triton Inference Server

CVE-2024-0095

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can inject forged logs and executable commands by injecting arbitrary data as a new log entry. A successful exploit of this vulnerability might lead…

EPSS: 0.005 (66.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H.

Affected products

Nvidia Triton Inference Server — versions 20.10 to 24.04

Weakness classification (CWE)

CWE-117 — Improper Output Neutralization for Logs

References

nvidia.custhelp.com/app/answers/detail/a_id/5546

Frequently asked questions

What is CVE-2024-0095?: CVE-2024-0095 is a medium-severity vulnerability in Nvidia Triton Inference Server, classified under Improper Output Neutralization for Logs. CVSS score: 4.3/10. Published 2024-06-13.
How severe is CVE-2024-0095?: Medium severity. CVSS v3 base score is 4.3 out of 10.