Vulnerability Report: GO-2024-3237

CVE-2024-0133, GHSA-f748-7hpg-88ch
Affects: github.com/NVIDIA/nvidia-container-toolkit
Published: Nov 04, 2024
Unreviewed

NVIDIA Container Toolkit allows specially crafted container image to create empty files on the host file system in github.com/NVIDIA/nvidia-container-toolkit

For detailed information about this vulnerability, visit https://github.com/NVIDIA/nvidia-container-toolkit/security/advisories/GHSA-f748-7hpg-88ch or https://nvd.nist.gov/vuln/detail/CVE-2024-0133.

Affected Modules

Path

Go Versions
github.com/NVIDIA/nvidia-container-toolkit

before v1.16.2

Aliases

CVE-2024-0133
GHSA-f748-7hpg-88ch

References

https://github.com/NVIDIA/nvidia-container-toolkit/security/advisories/GHSA-f748-7hpg-88ch
https://nvd.nist.gov/vuln/detail/CVE-2024-0133
https://advisory-inbox.githubapp.com/advisory_reviews/GHSA-wqq7-v22c-gpfp
https://github.com/NVIDIA/libnvidia-container/security/advisories/GHSA-xff4-h7r9-vrpf
https://nvidia.custhelp.com/app/answers/detail/a_id/5582
https://vuln.go.dev/ID/GO-2024-3237.json

Feedback

This report is unreviewed. It was automatically generated from a third-party source and its details have not been verified by the Go team.

See anything missing or incorrect? Suggest an edit to this report.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL