CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-0132

NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.052

EPSS Ranking 89.5%

CVSS Severity

CVSS v3 Score 9.0

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5582

Products affected by CVE-2024-0132

Nvidia » Nvidia Container Toolkit » Version: Any

cpe:2.3:a:nvidia:nvidia_container_toolkit:*
Nvidia » Nvidia Gpu Operator » Version: Any

cpe:2.3:a:nvidia:nvidia_gpu_operator:*
Linux » Linux Kernel » Version: N/A

cpe:2.3:o:linux:linux_kernel:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-0132

Products

Pricing

Contact Us