CVE-2024-0132 in Container Toolkitالمعلومات

الملخص

بحسب MITRE • 26/09/2024

NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

Nvidia

حجز

02/12/2023

إفشاء

26/09/2024

الاعتدال

تمت الموافقة

إدخال

VDB-278529

CPE

جاهز

CWE

CWE-367 (مؤكد)

استغلال

تحميل

CVSS

8.3 (NVD)

EPSS

0.03913

KEV

لا

النشاطات

منخفض جدًا

القطاع

Education, Insurance, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-0132
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-0132
CVE Details	https://www.cvedetails.com/cve/CVE-2024-0132/

التالي ▸نظرة عامة ◂ السابق

Might our Artificial Intelligence support you?

Check our Alexa App!