CVE-2025-23267: CWE-59: Improper Link Resolution Before File Access ('Link Following') in NVIDIA Container Toolkit
NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service.
CVE-2025-23267: CWE-59: Improper Link Resolution Before File Access ('Link Following') in NVIDIA Container Toolkit
Description
NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- nvidia
- Date Reserved
- 2025-01-14T01:06:23.291Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 68795303a83201eaace879b6
Added to database: 7/17/2025, 7:46:11 PM
Last updated: 7/17/2025, 7:46:11 PM
Views: 1
Related Threats
CVE-2025-34125: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in D-Link DSP-W110A1
CriticalCVE-2025-7752: SQL Injection in code-projects Online Appointment Booking System
MediumCVE-2025-53964: n/a
UnknownCVE-2025-34124: CWE-121 Stack-based Buffer Overflow in The 3DO Company Heroes of Might and Magic III
HighCVE-2025-6249: CWE-602: Client-Side Enforcement of Server-Side Security in Lenovo FileZ Client
HighActions
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.