CVE-2025-23272
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-24
Last updated on: 2025-09-24
Assigner: NVIDIA Corporation
Description
Description
NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to information disclosure or denial of service.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nvidia | nvjpeg | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the NVIDIA nvJPEG library, where an attacker can cause an out-of-bounds read by using a specially crafted JPEG file. This means the attacker can make the software read memory outside the intended boundaries.
How can this vulnerability impact me? :
Exploiting this vulnerability might lead to information disclosure, where sensitive data could be exposed, or denial of service, causing the affected system or application to crash or become unavailable.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70