Vulnerability Details CVE-2024-0133
NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to data tampering.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.9%
CVSS Severity
CVSS v3 Score 4.1
Products affected by CVE-2024-0133
-
cpe:2.3:a:nvidia:nvidia_container_toolkit:*
-
cpe:2.3:a:nvidia:nvidia_gpu_operator:*
-
cpe:2.3:o:linux:linux_kernel:-