CVE-2024-0095

Name of the Vulnerable Software and Affected Versions NVIDIA Triton Inference Server (affected versions not specified)

Description The issue is related to improper handling of log output, allowing a user to inject arbitrary data as a new log entry, which can lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. A successful exploit might allow an attacker to gain unauthorized access to protected information, elevate their privileges, execute arbitrary code, or cause a denial of service or data tampering.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.