github.com/NVIDIA/nvidia-container-toolkit

Go4 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/NVIDIA/nvidia-container-toolkitpage 1 of 1

CVE-2024-0132CRITICALCVSS 9.0EG 9.0✓ Fixed in 1.16.2
2024-09-26
NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not…
CVE-2024-0133MEDIUMCVSS 4.1EG 4.1✓ Fixed in 1.16.2
2024-09-26
NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is us…
CVE-2025-23266CRITICALCVSS 9.0EG 9.0✓ Fixed in 1.17.8
2025-07-17
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might …
CVE-2025-23267HIGHCVSS 8.5EG 8.5✓ Fixed in 1.17.8
2025-07-17
NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might l…

Check whether github.com/NVIDIA/nvidia-container-toolkit is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/NVIDIA/nvidia-container-toolkit CVEs against the assets you own.

Start Free Scan →