Nvidia Container Toolkit vulnerabilities
5 known vulnerabilities affecting nvidia/container_toolkit.
Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3LOW1
Vulnerabilities
Page 1 of 1
CVE-2025-23266CRITICALCVSS 9.0vNVIDIA Container Toolkit All versions up to and including 1.17.7 (CDI mode only for versions prior to 1.17.5)vNVIDIA GPU Operator All versions up to and including 25.3.0 (CDI mode only for versions prior to 25.3.0)2025-07-17
CVE-2025-23266 [CRITICAL] CWE-426 CVE-2025-23266: NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.
cvelistv5nvd
CVE-2025-23267HIGHCVSS 8.5vNVIDIA Container Toolkit All versions up to and including 1.17.7 (CDI mode only for versions prior to 1.17.5)vNVIDIA GPU Operator All versions up to and including 25.3.0 (CDI mode only for versions prior to 25.3.0)2025-07-17
CVE-2025-23267 [HIGH] CWE-59 CVE-2025-23267: NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, wher
NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service.
cvelistv5nvd
CVE-2025-23359HIGHCVSS 8.1vAll versions up to and including 1.17.32025-02-12
CVE-2025-23359 [HIGH] CWE-367 CVE-2025-23359: NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when
NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and
cvelistv5nvd
CVE-2024-0132HIGHCVSS 8.3PoCvAll versions up to and including v1.16.12024-09-26
CVE-2024-0132 [CRITICAL] CWE-367 CVE-2024-0132: NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerabili
NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, deni
cvelistv5nvd
CVE-2024-0133LOWCVSS 3.4vAll versions up to and including v1.16.12024-09-26
CVE-2024-0133 [MEDIUM] CWE-367 CVE-2024-0133: NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation
NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to data tampering.
cvelistv5nvd