CVE-2024-0132 in Container Toolkitinfo

Zusammenfassung

von MITRE • 26.09.2024

NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Nvidia

Reservieren

02.12.2023

Veröffentlichung

26.09.2024

Moderieren

akzeptiert

Eintrag

VDB-278529

CPE

bereit

CWE

CWE-367 (bestätigt)

Exploit

Download

CVSS

8.3 (NVD)

EPSS

0.03913

KEV

nein

Aktivitäten

very low

Sektor

Chemical, Lawfirm, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-0132
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-0132
CVE Details	https://www.cvedetails.com/cve/CVE-2024-0132/

◂ Zurück Übersicht Weiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!