5 matches found
CVE-2025-23348
NVIDIA Megatron-LM for all platforms contains a vulnerability in the pretraingpt script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data...
CVE-2025-23348
NVIDIA Megatron-LM for all platforms contains a vulnerability in the pretraingpt script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data...
Arbitrary Code Injection
Overview megatron-core is a Megatron Core - a library for efficient and scalable training of transformer based models Affected versions of this package are vulnerable to Arbitrary Code Injection in the pretraingpt script. An attacker can execute arbitrary code, escalate privileges, access sensiti...
CVE-2025-23348
CVE-2025-23348 affects NVIDIA Megatron-LM across platforms, with a vulnerability in the pretrain_gpt script where malicious input data may trigger code injection, potentially enabling code execution, privilege escalation, information disclosure, and data tampering. Documents consistently identify...
PT-2025-39260
Name of the Vulnerable Software and Affected Versions NVIDIA Megatron-LM affected versions not specified Description The software contains a flaw in the pretrain gpt script that could allow an attacker to inject code through maliciously crafted data. Exploitation of this issue may result in code...