cosmos-predict2 (>=1.0.6 <=1.0.9), entity-model (>=1.0.0 <=1.0.9) +19 more potentially affected by CVE-2025-33247 via megatron-core (>=0.10.0 <=0.15.2)

megatron-core PYPI version =0.10.0, =1.0.6, =1.0.0, =5.1.6, =1.0.0, =0.1.0rc0, =0.1.0rc1, =0.1.0, =1.0.0, =2.0.8, =1.0.0, =2.0.8, =1.0.0, =1.0.0, =1.0.7 and more Source cves: CVE-2025-33247 Source advisory: SNYK:PYTHON-MEGATRONCORE-15871031...

CVE-2025-33247

NVIDIA Megatron LM is affected by CVE-2025-33247 due to a vulnerability in quantization configuration loading that could allow remote code execution. The security bulletin states this could lead to code execution, elevation of privileges, information disclosure, and data tampering. Affected produ...

CVE-2025-33247

NVIDIA Megatron LM contains a vulnerability in quantization configuration loading, which could allow remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...