CVE-2025-22872 affecting package nvidia-container-toolkit for versions less than 1.17.8-2

CVE-2025-22872 affecting package nvidia-container-toolkit for versions less than 1.17.8-2. A patched version of the package is available...

CVE-2025-23266 affecting package nvidia-container-toolkit for versions less than 1.17.8-1

CVE-2025-23266 affecting package nvidia-container-toolkit for versions less than 1.17.8-1. An upgraded version of the package is available that resolves this issue...

AZL-65664 CVE-2025-22872 affecting package nvidia-container-toolkit for versions less than 1.17.8-3

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...

regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.

...

AZL-6452 CVE-2021-41772 affecting package golang for versions less than 1.17.8-1

Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field...