CVE-2024-0134

MEDIUM Year: 2024
CVSS v3 Score
4.1
Medium
Weakness Type
CWE-61
View all →

Vulnerability Description

NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.

Related Vulnerabilities

CVE-2023-20092

MEDIUM
CVSS:4.4(Medium)

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vul...

CWE-612023

CVE-2023-20093

MEDIUM
CVSS:4.4(Medium)

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vul...

CWE-612023

CVE-2024-45310

LOW
CVSS:3.6(Low)

runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or direct...

CWE-612024

CVE-2019-11249

MEDIUM
CVSS:4.8(Medium)

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over th...

CWE-612019

CVE-2024-42367

MEDIUM
CVSS:4.8(Medium)

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.10.2, static routes which contain files with compressed variants (`.gz` or `.br` extension) are vulne...

CWE-612024

CVE-2024-34015

LOW
CVSS:3.3(Low)

Sensitive information disclosure during file browsing due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.3.818...

CWE-612024