[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-0133":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":28,"aliases":29,"duplicate_of":9,"upstream":32,"downstream":33,"duplicates":44,"related":45,"reserved_at":9,"published_at":53,"modified_at":54,"state":55,"summary":56,"references_raw":65,"kevs":96,"epss":97,"epss_history":100,"metrics":366,"affected":382},"CVE-2024-0133","NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to data tampering.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-367","Time-of-check Time-of-use (TOCTOU) Race Condition","The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.","weakness","Incomplete","Base","Medium",[20,24],{"id":21,"name":22,"techniques":23},"CAPEC-27","Leveraging Race Conditions via Symbolic Links",[],{"id":25,"name":26,"techniques":27},"CAPEC-29","Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions",[],[],[30,31],"GHSA-f748-7hpg-88ch","GO-2024-3237",[],[34,36,38,40,42],{"_key":35},"OPENSUSE-SU-2024:0350-1",{"_key":37},"SUSE-SU-2024:3950-1",{"_key":39},"OPENSUSE-SU-2024:14458-1",{"_key":41},"SUSE-SU-2025:4187-1",{"_key":43},"SUSE-SU-2026:0558-1",[],[46,47,48,49,50,51],{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":52},"CGA-QQV4-68P4-QMWX","2024-09-26T05:21:33.599Z","2024-09-26T13:30:42.127Z","Analyzed",{"cisa_kev":57,"cisa_ransomware":57,"cisa_vendor":9,"epss_severity":58,"epss_score":59,"severity":60,"severity_score":61,"severity_version":62,"severity_source":63,"severity_vector":64,"severity_status":55},false,"low",0.00634,"medium",4.1,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",[66,74,78,83,87,91],{"url":67,"sources":68,"tags":71},"https://nvidia.custhelp.com/app/answers/detail/a_id/5582",[63,69,70],"nvd","osv_go",[72,73],"Vendor Advisory","WEB",{"url":75,"sources":76,"tags":77},"https://github.com/NVIDIA/libnvidia-container/security/advisories/GHSA-xff4-h7r9-vrpf",[70],[73],{"url":79,"sources":80,"tags":81},"https://github.com/NVIDIA/nvidia-container-toolkit/security/advisories/GHSA-f748-7hpg-88ch",[70],[73,82],"Advisory",{"url":84,"sources":85,"tags":86},"https://nvd.nist.gov/vuln/detail/CVE-2024-0133",[70],[82],{"url":88,"sources":89,"tags":90},"https://advisory-inbox.githubapp.com/advisory_reviews/GHSA-wqq7-v22c-gpfp",[70],[73],{"url":92,"sources":93,"tags":94},"https://github.com/NVIDIA/nvidia-container-toolkit",[70],[95],"PACKAGE",[],{"date":98,"score":59,"percentile":99},"2026-06-04",0.70759,[101,104,107,110,113,116,119,122,124,127,130,133,136,138,141,145,148,151,154,157,160,163,166,168,170,173,176,179,183,186,190,194,197,200,203,206,209,212,215,218,221,224,226,229,232,235,238,241,244,247,250,253,256,259,262,265,267,270,272,275,278,281,284,287,289,292,295,298,301,304,307,310,313,316,319,322,325,328,330,333,336,339,342,345,348,351,354,357,360,363],{"date":102,"score":59,"percentile":103},"2025-11-04",0.6955,{"date":105,"score":59,"percentile":106},"2025-11-05",0.69538,{"date":108,"score":59,"percentile":109},"2025-11-06",0.69535,{"date":111,"score":59,"percentile":112},"2025-11-07",0.69546,{"date":114,"score":59,"percentile":115},"2025-11-08",0.69547,{"date":117,"score":59,"percentile":118},"2025-11-09",0.69536,{"date":120,"score":59,"percentile":121},"2025-11-10",0.69527,{"date":123,"score":59,"percentile":118},"2025-11-11",{"date":125,"score":59,"percentile":126},"2025-11-12",0.69559,{"date":128,"score":59,"percentile":129},"2025-11-13",0.69566,{"date":131,"score":59,"percentile":132},"2025-11-14",0.69574,{"date":134,"score":59,"percentile":135},"2025-11-15",0.6957,{"date":137,"score":59,"percentile":129},"2025-11-16",{"date":139,"score":59,"percentile":140},"2025-11-17",0.69562,{"date":142,"score":143,"percentile":144},"2025-11-18",0.00327,0.5265,{"date":146,"score":143,"percentile":147},"2025-11-19",0.52664,{"date":149,"score":143,"percentile":150},"2025-11-20",0.52649,{"date":152,"score":59,"percentile":153},"2025-11-21",0.6958,{"date":155,"score":59,"percentile":156},"2025-11-22",0.69576,{"date":158,"score":59,"percentile":159},"2025-11-23",0.69563,{"date":161,"score":59,"percentile":162},"2025-11-24",0.69554,{"date":164,"score":59,"percentile":165},"2025-11-25",0.69556,{"date":167,"score":59,"percentile":140},"2025-11-26",{"date":169,"score":59,"percentile":140},"2025-11-27",{"date":171,"score":59,"percentile":172},"2025-11-28",0.69553,{"date":174,"score":59,"percentile":175},"2025-11-29",0.69539,{"date":177,"score":59,"percentile":178},"2025-11-30",0.69534,{"date":180,"score":181,"percentile":182},"2025-12-01",0.0034,0.56232,{"date":184,"score":181,"percentile":185},"2025-12-02",0.56245,{"date":187,"score":188,"percentile":189},"2025-12-03",0.0035,0.56904,{"date":191,"score":192,"percentile":193},"2025-12-04",0.00651,0.70036,{"date":195,"score":192,"percentile":196},"2025-12-05",0.7005,{"date":198,"score":192,"percentile":199},"2025-12-06",0.70055,{"date":201,"score":192,"percentile":202},"2025-12-07",0.70053,{"date":204,"score":192,"percentile":205},"2025-12-08",0.70057,{"date":207,"score":192,"percentile":208},"2025-12-09",0.70088,{"date":210,"score":192,"percentile":211},"2025-12-10",0.7013,{"date":213,"score":192,"percentile":214},"2025-12-11",0.70152,{"date":216,"score":192,"percentile":217},"2025-12-12",0.70178,{"date":219,"score":192,"percentile":220},"2025-12-13",0.70181,{"date":222,"score":192,"percentile":223},"2025-12-14",0.70185,{"date":225,"score":192,"percentile":220},"2025-12-15",{"date":227,"score":59,"percentile":228},"2025-12-16",0.69679,{"date":230,"score":59,"percentile":231},"2025-12-17",0.69693,{"date":233,"score":59,"percentile":234},"2025-12-18",0.69724,{"date":236,"score":59,"percentile":237},"2025-12-19",0.69741,{"date":239,"score":59,"percentile":240},"2025-12-20",0.69738,{"date":242,"score":59,"percentile":243},"2025-12-21",0.69728,{"date":245,"score":59,"percentile":246},"2025-12-22",0.69725,{"date":248,"score":59,"percentile":249},"2025-12-23",0.69727,{"date":251,"score":59,"percentile":252},"2025-12-24",0.69735,{"date":254,"score":59,"percentile":255},"2025-12-25",0.6976,{"date":257,"score":59,"percentile":258},"2025-12-26",0.69758,{"date":260,"score":59,"percentile":261},"2025-12-27",0.698,{"date":263,"score":59,"percentile":264},"2025-12-28",0.69732,{"date":266,"score":59,"percentile":243},"2025-12-29",{"date":268,"score":59,"percentile":269},"2025-12-30",0.6974,{"date":271,"score":59,"percentile":255},"2025-12-31",{"date":273,"score":181,"percentile":274},"2026-01-01",0.56433,{"date":276,"score":181,"percentile":277},"2026-01-02",0.56413,{"date":279,"score":181,"percentile":280},"2026-01-03",0.56405,{"date":282,"score":59,"percentile":283},"2026-01-04",0.69763,{"date":285,"score":59,"percentile":286},"2026-01-05",0.69754,{"date":288,"score":59,"percentile":283},"2026-01-06",{"date":290,"score":59,"percentile":291},"2026-01-07",0.69776,{"date":293,"score":59,"percentile":294},"2026-01-08",0.69791,{"date":296,"score":59,"percentile":297},"2026-01-09",0.69796,{"date":299,"score":59,"percentile":300},"2026-01-10",0.69797,{"date":302,"score":59,"percentile":303},"2026-01-11",0.6979,{"date":305,"score":59,"percentile":306},"2026-01-12",0.69784,{"date":308,"score":59,"percentile":309},"2026-01-13",0.6978,{"date":311,"score":59,"percentile":312},"2026-01-14",0.69811,{"date":314,"score":59,"percentile":315},"2026-01-15",0.69816,{"date":317,"score":59,"percentile":318},"2026-01-16",0.69834,{"date":320,"score":59,"percentile":321},"2026-01-17",0.69827,{"date":323,"score":59,"percentile":324},"2026-01-18",0.69809,{"date":326,"score":59,"percentile":327},"2026-01-19",0.69802,{"date":329,"score":59,"percentile":312},"2026-01-20",{"date":331,"score":59,"percentile":332},"2026-01-21",0.69817,{"date":334,"score":59,"percentile":335},"2026-01-22",0.6983,{"date":337,"score":59,"percentile":338},"2026-01-23",0.69861,{"date":340,"score":59,"percentile":341},"2026-01-24",0.69865,{"date":343,"score":59,"percentile":344},"2026-01-25",0.69837,{"date":346,"score":59,"percentile":347},"2026-01-26",0.69833,{"date":349,"score":59,"percentile":350},"2026-01-27",0.69836,{"date":352,"score":59,"percentile":353},"2026-01-28",0.69849,{"date":355,"score":59,"percentile":356},"2026-01-29",0.69846,{"date":358,"score":59,"percentile":359},"2026-01-30",0.69853,{"date":361,"score":59,"percentile":362},"2026-01-31",0.69858,{"date":364,"score":181,"percentile":365},"2026-02-01",0.56409,[367,372,377],{"source":63,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":368,"cvss_v4_0":9},{"baseScore":61,"baseSeverity":369,"vectorString":64,"impactScore":370,"exploitabilityScore":371},"MEDIUM",2.3,5.9,{"source":69,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":373,"cvss_v4_0":9},{"baseScore":374,"baseSeverity":375,"vectorString":376,"impactScore":370,"exploitabilityScore":61},3.4,"LOW","CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N",{"source":70,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":378,"cvss_v4_0":379},{"baseScore":61,"baseSeverity":9,"vectorString":64,"impactScore":370,"exploitabilityScore":371},{"baseScore":380,"baseSeverity":9,"vectorString":381,"impactScore":9,"exploitabilityScore":9},4.8,"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",[383,396,405,411,418],{"ecosystem":384,"name":385,"vendor":386,"product":387,"cpe_part":9,"purl_type":388,"purl_namespace":386,"purl_name":387,"source":9,"versions":389},"Go","github.com/NVIDIA/nvidia-container-toolkit","github.com/NVIDIA","nvidia-container-toolkit","golang",[390],{"version":391,"is_range":392,"range_type":393,"version_start":9,"version_start_type":9,"version_end":394,"version_end_type":395,"fixed_in":9},"lt1_16_2",true,"semver","1.16.2","excluding",{"ecosystem":9,"name":397,"vendor":398,"product":399,"cpe_part":400,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":401},"Container Toolkit","nvidia","container toolkit","a",[402],{"version":403,"is_range":57,"range_type":63,"version_start":403,"version_start_type":404,"version_end":403,"version_end_type":404,"fixed_in":9},"All versions up to and including v1.16.1","including",{"ecosystem":9,"name":406,"vendor":398,"product":407,"cpe_part":400,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":408},"GPU Operator","gpu operator",[409],{"version":410,"is_range":57,"range_type":63,"version_start":410,"version_start_type":404,"version_end":410,"version_end_type":404,"fixed_in":9},"All versions up to and including 24.6.1",{"ecosystem":9,"name":412,"vendor":398,"product":413,"cpe_part":400,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":414},"nvidia container toolkit","nvidia_container_toolkit",[415],{"version":416,"is_range":392,"range_type":417,"version_start":9,"version_start_type":9,"version_end":394,"version_end_type":395,"fixed_in":9},"lt1.16.2","cpe",{"ecosystem":9,"name":419,"vendor":398,"product":420,"cpe_part":400,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":421},"nvidia gpu operator","nvidia_gpu_operator",[422],{"version":423,"is_range":392,"range_type":417,"version_start":9,"version_start_type":9,"version_end":424,"version_end_type":395,"fixed_in":9},"lt24.6.2","24.6.2"]