{"id":"AZL-65651","summary":"CVE-2025-23266 affecting package nvidia-container-toolkit for versions less than 1.17.8-1","details":"NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.","modified":"2026-04-21T04:37:39.354853Z","published":"2025-07-17T20:15:28Z","upstream":["CVE-2025-23266"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-23266"}],"affected":[{"package":{"name":"nvidia-container-toolkit","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/nvidia-container-toolkit"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.17.8-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-65651.json"}}],"schema_version":"1.7.5"}