VYPR

Go modules package

github.com/nvidia/nvidia-container-toolkit

pkg:golang/github.com/nvidia/nvidia-container-toolkit

Vulnerabilities (4)

  • CVE-2025-23267HigJul 17, 2025
    affected < 1.17.8fixed 1.17.8

    NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of servi

  • CVE-2025-23266CriJul 17, 2025
    affected < 1.17.8fixed 1.17.8

    NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data ta

  • CVE-2024-0133Sep 26, 2024
    affected < 1.16.2fixed 1.16.2

    NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerab

  • CVE-2024-0132Sep 26, 2024
    affected < 1.16.2fixed 1.16.2

    NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A su