NVIDIA RAPIDS cuDF and cuML Deserialization Vulnerability Leading to Code Execution and Information Disclosure
Vulnerability
A vulnerability exists in NVIDIA RAPIDS cuDF and cuML due to improper handling of deserialization of untrusted data. This issue could be exploited to execute arbitrary code, manipulate data, cause a denial of service, and disclose sensitive information. The vulnerability affects all versions prior to 24.12.00.
Impact
Exploitation of this vulnerability could result in arbitrary code execution, unauthorized data modification, service disruption, and exposure of confidential information.
Remediation
Users are advised to update to NVIDIA RAPIDS AI version 24.12.00 or later.
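To check an environment against the fixed release, the following added example (not code from NVIDIA or from this advisory) flags installed cuDF and cuML packages older than 24.12.00. The package-name pattern and the treatment of 24.12.00 pre-release builds as unpatched are assumptions, and the sample inventory is constructed.

```python
import re
from importlib import metadata

FIXED = (24, 12, 0)  # first fixed release named in the advisory: 24.12.00
# Assumption: conda names (cudf, cuml) and CUDA-suffixed pip wheels (cudf-cu12, ...).
AFFECTED = re.compile(r"^(cudf|cuml)([-_]cu\d+)?$", re.IGNORECASE)

def parse_release(version):
    """Split a RAPIDS CalVer string into ((yy, mm, patch), is_prerelease)."""
    m = re.match(r"^(\d+)\.(\d+)(?:\.(\d+))?(.*)$", version.strip())
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    release = tuple(int(part or 0) for part in m.group(1, 2, 3))
    is_pre = bool(re.match(r"^(a|b|rc|\.?dev)", m.group(4), re.IGNORECASE))
    return release, is_pre

def is_vulnerable(version):
    release, is_pre = parse_release(version)
    if release < FIXED:
        return True
    # Conservative assumption: a 24.12.00 alpha/rc predates the fixed release.
    return release == FIXED and is_pre

def audit(packages):
    """packages: iterable of (name, version); returns (name, version, status) rows."""
    rows = []
    for name, version in packages:
        if not AFFECTED.match(name or ""):
            continue
        try:
            status = "VULNERABLE" if is_vulnerable(version) else "ok"
        except ValueError:
            status = "UNKNOWN"  # unparseable version: check by hand
        rows.append((name, version, status))
    return rows

def installed_packages():
    """Enumerate distributions visible to the current Python environment."""
    return [(d.metadata["Name"], d.version) for d in metadata.distributions()]

# Constructed sample inventory (not real scan output).
SAMPLE = [("cudf-cu12", "24.10.01"), ("cuml", "24.12.00"), ("numpy", "1.26.4"),
          ("cudf", "24.12.00a318"), ("cuml-cu11", "25.02.00"), ("cudf_cu12", "n/a")]

if __name__ == "__main__":
    for row in audit(SAMPLE) + audit(installed_packages()):
        print("%-12s %-14s %s" % row)
```

Run it inside each Python environment or container image that loads RAPIDS, since the check only sees packages visible to the interpreter that executes it.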
Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM
Vulnerability Rating
Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 5.2
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
