cri-o vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the cri-o package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
H Cross-site Scripting (XSS)	<0:1.27.1-8.1.rhaos4.14.git3fecb83.el8
H Resource Exhaustion	<0:1.27.1-8.1.rhaos4.14.git3fecb83.el8
H Resource Exhaustion	<0:1.27.1-8.1.rhaos4.14.git3fecb83.el8
H Improper Handling of Missing Special Element	<0:1.27.1-8.1.rhaos4.14.git3fecb83.el8
H Use After Free	<0:1.27.1-8.1.rhaos4.14.git3fecb83.el8
H CVE-2023-2728	<0:1.27.1-8.1.rhaos4.14.git3fecb83.el8
H CVE-2023-2727	<0:1.27.1-8.1.rhaos4.14.git3fecb83.el8
H Resource Exhaustion	<0:1.27.1-8.1.rhaos4.14.git3fecb83.el8
H Improper Privilege Management	<0:1.28.6-2.rhaos4.15.git77bbb1c.el8
M Improper Validation of Integrity Check Value	*
H Arbitrary Command Injection	<0:1.28.6-2.rhaos4.15.git77bbb1c.el8
H Improper Privilege Management	<0:1.28.6-2.rhaos4.15.git77bbb1c.el8
H Arbitrary Command Injection	<0:1.27.6-2.rhaos4.14.gitb3bd0bf.el8
H Improper Privilege Management	<0:1.27.6-2.rhaos4.14.gitb3bd0bf.el8
H Arbitrary Command Injection	<0:1.28.6-2.rhaos4.15.git77bbb1c.el8
H Resource Exhaustion	<0:1.27.6-2.rhaos4.14.gitb3bd0bf.el8
H Memory Leak	<0:1.26.5-11.1.rhaos4.13.git919cc6e.el8
H Improper Handling of Unicode Encoding	<0:1.26.3-7.rhaos4.13.gitec064c9.el8
H Improper Handling of Highly Compressed Data (Data Amplification)	<0:1.27.6-2.rhaos4.14.gitb3bd0bf.el8
H Memory Leak	<0:1.27.4-6.1.rhaos4.14.gitd09e4c0.el8
H Improper Handling of Highly Compressed Data (Data Amplification)	<0:1.25.5-13.1.rhaos4.12.git76343da.el8
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.25.5-13.1.rhaos4.12.git76343da.el8
H Memory Leak	<0:1.25.5-13.1.rhaos4.12.git76343da.el8
H Improper Handling of Highly Compressed Data (Data Amplification)	<0:1.28.6-2.rhaos4.15.git77bbb1c.el8
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.28.4-8.rhaos4.15.git24f50b9.el8
H Memory Leak	<0:1.28.4-8.rhaos4.15.git24f50b9.el8
H Improper Handling of Unicode Encoding	<0:1.26.3-7.rhaos4.13.gitec064c9.el8
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.27.4-5.rhaos4.14.git8d40fed.el8
M Improper Handling of Highly Compressed Data (Data Amplification)	<0:1.26.5-10.rhaos4.13.gita08b329.el8
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.26.5-10.rhaos4.13.gita08b329.el8
H Memory Leak	<0:1.28.4-8.rhaos4.15.git24f50b9.el8
H Improper Handling of Highly Compressed Data (Data Amplification)	<0:1.28.4-8.rhaos4.15.git24f50b9.el8
M Improper Input Validation	*
M Improper Input Validation	*
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.28.4-8.rhaos4.15.git24f50b9.el8
H Truncation of Security-relevant Information	<0:1.28.3-14.rhaos4.15.git33aabd8.el8
H Information Exposure	<0:1.28.3-14.rhaos4.15.git33aabd8.el8
H Resource Exhaustion	<0:1.28.3-14.rhaos4.15.git33aabd8.el8
H Resource Exhaustion	<0:1.28.3-14.rhaos4.15.git33aabd8.el8
M Allocation of Resources Without Limits or Throttling	<0:1.25.5-6.rhaos4.12.gitfcf6ef3.el8
H Improper Handling of Unicode Encoding	<0:1.26.3-7.rhaos4.13.gitec064c9.el8
H Directory Traversal	<0:1.26.3-7.rhaos4.13.gitec064c9.el8
H Use of a Broken or Risky Cryptographic Algorithm	<0:1.26.3-7.rhaos4.13.gitec064c9.el8
M Allocation of Resources Without Limits or Throttling	<0:1.26.4-9.1.rhaos4.13.gite26e057.el8
H Arbitrary Code Injection	<0:1.26.3-7.rhaos4.13.gitec064c9.el8
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.26.3-8.rhaos4.13.git9232b13.el8
M Allocation of Resources Without Limits or Throttling	<0:1.27.2-7.rhaos4.14.git1cc7a64.el8
M Allocation of Resources Without Limits or Throttling	<0:1.27.2-7.rhaos4.14.git1cc7a64.el8
M Allocation of Resources Without Limits or Throttling	<0:1.26.4-6.1.rhaos4.13.git9eb9cf3.el8
M Resource Exhaustion	<0:1.25.2-6.rhaos4.12.git3c4e50c.el8
H Truncation of Security-relevant Information	<0:1.28.3-14.rhaos4.15.git33aabd8.el8
H Resource Exhaustion	<0:1.28.3-14.rhaos4.15.git33aabd8.el8
M Information Exposure	<0:1.28.3-14.rhaos4.15.git33aabd8.el8
H Algorithmic Complexity	<0:1.25.5-2.rhaos4.12.git0217273.el8
H Resource Exhaustion	<0:1.25.5-2.rhaos4.12.git0217273.el8
H Resource Exhaustion	<0:1.24.6-6.1.rhaos4.11.git7f73171.el8_6
H Resource Exhaustion	<0:1.26.4-5.1.rhaos4.13.git969e013.el8
H Resource Exhaustion	<0:1.27.1-13.1.rhaos4.14.git956c5f7.el8
H Resource Exhaustion	<0:1.27.1-13.1.rhaos4.14.git956c5f7.el8
H Allocation of Resources Without Limits or Throttling	<0:1.27.1-13.1.rhaos4.14.git956c5f7.el8
H CVE-2023-39321	<0:1.27.1-13.1.rhaos4.14.git956c5f7.el8
H Cross-site Scripting (XSS)	<0:1.27.1-13.1.rhaos4.14.git956c5f7.el8
H Cross-site Scripting (XSS)	<0:1.27.1-13.1.rhaos4.14.git956c5f7.el8
H Resource Exhaustion	<0:1.27.1-13.1.rhaos4.14.git956c5f7.el8
H HTTP Response Splitting	<0:1.27.1-13.1.rhaos4.14.git956c5f7.el8
H Resource Exhaustion	<0:1.28.3-14.rhaos4.15.git33aabd8.el8
L Exposure of Data Element to Wrong Session	<0:1.24.5-5.rhaos4.11.git8bf967b.el8
H Exposure of Data Element to Wrong Session	<0:1.26.3-8.rhaos4.13.git9232b13.el8
H Resource Exhaustion	<0:1.26.3-8.rhaos4.13.git9232b13.el8
H Resource Exhaustion	<0:1.26.3-7.rhaos4.13.gitec064c9.el8
M Directory Traversal	<0:1.20.2-4.rhaos4.7.gitd5a999a.el8
H Cross-site Scripting (XSS)	<0:1.19.7-2.rhaos4.6.git3c20b65.el8
H Cross-site Scripting (XSS)	<0:1.21.5-3.rhaos4.8.gitaf64931.el8
M Cross-site Scripting (XSS)	<0:1.23.2-8.rhaos4.10.git8ad5d25.el8
M Cross-site Scripting (XSS)	<0:1.23.2-8.rhaos4.10.git8ad5d25.el8
H Link Following	<0:1.21.5-3.rhaos4.8.gitaf64931.el8
M Improper Certificate Validation	<0:1.25.1-5.rhaos4.12.git6005903.el8
M Incorrect Default Permissions	<0:1.22.5-7.rhaos4.9.git3dbcd3c.el8
M Incorrect Default Permissions	<0:1.23.2-8.rhaos4.10.git8ad5d25.el8
H Incorrect Behavior Order: Early Validation	<0:1.21.5-3.rhaos4.8.gitaf64931.el8
H Incorrect Behavior Order: Early Validation	<0:1.21.5-3.rhaos4.8.gitaf64931.el8
M Incorrect Default Permissions	<0:1.25.1-5.rhaos4.12.git6005903.el8
M Improper Initialization	<0:1.25.1-5.rhaos4.12.git6005903.el8
M Server-Side Request Forgery (SSRF)	<0:1.25.1-5.rhaos4.12.git6005903.el8
M Directory Traversal	<0:1.25.1-5.rhaos4.12.git6005903.el8
L Improper Access Control	<0:1.24.5-5.rhaos4.11.git8bf967b.el8
L Improper Access Control	<0:1.23.5-11.rhaos4.10.gitfc32aac.el8
M Improper Access Control	<0:1.25.1-5.rhaos4.12.git6005903.el8
M Resource Exhaustion	<0:1.25.1-5.rhaos4.12.git6005903.el8
H Link Following	<0:1.21.5-3.rhaos4.8.gitaf64931.el8
H Link Following	<0:1.21.5-3.rhaos4.8.gitaf64931.el8
H Incorrect Behavior Order: Early Validation	<0:1.21.5-3.rhaos4.8.gitaf64931.el8
H OS Command Injection	<0:1.21.5-3.rhaos4.8.gitaf64931.el8
H Information Exposure	<0:1.21.5-3.rhaos4.8.gitaf64931.el8
H Insufficiently Protected Credentials	<0:1.21.5-3.rhaos4.8.gitaf64931.el8
H Cross-site Scripting (XSS)	<0:1.21.5-3.rhaos4.8.gitaf64931.el8
M Cross-site Scripting (XSS)	<0:1.23.2-8.rhaos4.10.git8ad5d25.el8
H Cross-site Scripting (XSS)	<0:1.19.7-2.rhaos4.6.git3c20b65.el8
H Link Following	<0:1.21.5-3.rhaos4.8.gitaf64931.el8
H OS Command Injection	<0:1.21.5-3.rhaos4.8.gitaf64931.el8
H OS Command Injection	<0:1.21.5-3.rhaos4.8.gitaf64931.el8
H Authorization Bypass Through User-Controlled Key	*
H Incorrect Permission Assignment for Critical Resource	<0:1.20.6-11.rhaos4.7.git76ea3d0.el8
M Incorrect Permission Assignment for Critical Resource	<0:1.22.2-2.rhaos4.9.gitb030be8.el8
H Incorrect Permission Assignment for Critical Resource	<0:1.19.5-3.rhaos4.6.git91f8458.el8
M Incorrect Permission Assignment for Critical Resource	<0:1.23.1-9.rhaos4.10.gitbdffb9a.el8
M Incorrect Permission Assignment for Critical Resource	<0:1.21.5-2.rhaos4.8.gitaf64931.el8
H Arbitrary Code Injection	<0:1.21.5-3.rhaos4.8.gitaf64931.el8
H Arbitrary Code Injection	<0:1.20.6-11.rhaos4.7.git76ea3d0.el8
H Arbitrary Code Injection	<0:1.19.5-3.rhaos4.6.git91f8458.el8
H Arbitrary Code Injection	<0:1.23.1-12.rhaos4.10.git1607c6e.el8
H Arbitrary Code Injection	<0:1.22.2-3.rhaos4.9.gitb030be8.el8
M Improper Validation of Array Index	<0:1.20.2-4.rhaos4.7.gitd5a999a.el8
M Cross-site Scripting (XSS)	<0:1.23.1-9.rhaos4.10.gitbdffb9a.el8
H Improper Preservation of Permissions	<0:1.20.2-12.rhaos4.7.git9f7be76.el8
H Cross-site Request Forgery (CSRF)	<0:1.20.2-12.rhaos4.7.git9f7be76.el8
H XML External Entity (XXE) Injection	<0:1.20.2-12.rhaos4.7.git9f7be76.el8
H Improper Preservation of Permissions	<0:1.20.2-12.rhaos4.7.git9f7be76.el8
H Missing Authorization	<0:1.19.1-2.rhaos4.6.git2af9ecf.el8
M Improper Output Neutralization for Logs	<0:1.20.0-0.rhaos4.7.git8921e00.el8.51
H Missing Authorization	<0:1.19.1-2.rhaos4.6.git2af9ecf.el8
H Information Exposure	<0:1.19.1-2.rhaos4.6.git2af9ecf.el8
H Missing Authorization	<0:1.19.1-2.rhaos4.6.git2af9ecf.el8
M Authentication Bypass	<0:1.20.0-0.rhaos4.7.git8921e00.el8.51
M Covert Timing Channel	<0:1.20.0-0.rhaos4.7.git8921e00.el8.51
M Information Exposure	<0:1.20.0-0.rhaos4.7.git8921e00.el8.51
M Improper Cleanup on Thrown Exception	<0:1.14.12-15.dev.rhaos4.2.gita17905f.el8
H OS Command Injection	<0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8
H OS Command Injection	<0:1.13.12-6.dev.rhaos4.1.git8abaaeb.el8_0
H OS Command Injection	<0:1.14.12-10.dev.rhaos4.2.git313d784.el8
M Resource Exhaustion	<0:1.16.3-28.dev.rhaos4.3.git9aad8e4.el8
H XML External Entity (XXE) Injection	<0:1.19.1-2.rhaos4.6.git2af9ecf.el8
H XML External Entity (XXE) Injection	<0:1.19.1-2.rhaos4.6.git2af9ecf.el8
H Cross-site Scripting (XSS)	<0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8
H Cross-site Scripting (XSS)	<0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8
H Cross-site Scripting (XSS)	<0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8
H Cross-site Scripting (XSS)	<0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8
H Cross-site Scripting (XSS)	<0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8
H Cross-site Scripting (XSS)	<0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8
H Cross-site Request Forgery (CSRF)	<0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8
H Cross-site Request Forgery (CSRF)	<0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8
H Resource Exhaustion	<0:1.26.3-7.rhaos4.13.gitec064c9.el8
H HTTP Request Smuggling	<0:1.24.5-2.rhaos4.11.gitb007cb6.el8
M File and Directory Information Exposure	<0:1.25.2-10.rhaos4.12.git0a083f9.el8
M File and Directory Information Exposure	<0:1.24.4-10.rhaos4.11.git1ed5ac5.el8
M CVE-2022-41715	<0:1.25.2-6.rhaos4.12.git3c4e50c.el8
M Allocation of Resources Without Limits or Throttling	<0:1.25.1-5.rhaos4.12.git6005903.el8
M HTTP Request Smuggling	<0:1.25.2-6.rhaos4.12.git3c4e50c.el8
M Directory Traversal	<0:1.25.1-5.rhaos4.12.git6005903.el8
M Resource Exhaustion	<0:1.24.3-6.rhaos4.11.gitc4567c0.el8
M Resource Exhaustion	<0:1.25.1-5.rhaos4.12.git6005903.el8
M Resource Exhaustion	<0:1.25.1-5.rhaos4.12.git6005903.el8
M Resource Exhaustion	<0:1.24.3-6.rhaos4.11.gitc4567c0.el8
M Information Exposure	<0:1.25.1-5.rhaos4.12.git6005903.el8
M Information Exposure	<0:1.24.3-6.rhaos4.11.gitc4567c0.el8
M Improperly Controlled Sequential Memory Allocation	<0:1.25.1-5.rhaos4.12.git6005903.el8
M HTTP Request Smuggling	<0:1.24.1-11.rhaos4.11.gitb0d2ef3.el8
M HTTP Request Smuggling	<0:1.25.1-5.rhaos4.12.git6005903.el8
H Improper Input Validation	<0:1.24.5-2.rhaos4.11.gitb007cb6.el8
M Improper Input Validation	*
M Incorrect Authorization	<0:1.24.1-11.rhaos4.11.gitb0d2ef3.el8
M Incorrect Default Permissions	<0:1.24.1-11.rhaos4.11.gitb0d2ef3.el8
L Insufficient Entropy	<0:1.24.2-4.rhaos4.11.gitd6283df.el8
M Allocation of Resources Without Limits or Throttling	<0:1.23.3-3.rhaos4.10.git5fe1720.el8
M Allocation of Resources Without Limits or Throttling	<0:1.22.5-3.rhaos4.9.gitb6d3a87.el8
M Allocation of Resources Without Limits or Throttling	<0:1.20.8-3.rhaos4.7.gitb9df556.el8
M Allocation of Resources Without Limits or Throttling	<0:1.21.8-3.rhaos4.8.gitd7fbb0d.el8
H Allocation of Resources Without Limits or Throttling	<0:1.19.7-2.rhaos4.6.git3c20b65.el8
M Improper Privilege Management	<0:1.23.3-11.rhaos4.10.gitddf4b1a.1.el8
M Integer Overflow or Wraparound	<0:1.24.1-11.rhaos4.11.gitb0d2ef3.el8
M Integer Overflow or Wraparound	<0:1.23.3-11.rhaos4.10.gitddf4b1a.1.el8
M Buffer Overflow	<0:1.23.3-11.rhaos4.10.gitddf4b1a.1.el8
M Buffer Overflow	<0:1.24.1-11.rhaos4.11.gitb0d2ef3.el8
M Missing Release of Resource after Effective Lifetime	<0:1.24.1-11.rhaos4.11.gitb0d2ef3.el8
M Use of a Broken or Risky Cryptographic Algorithm	<0:1.24.1-11.rhaos4.11.gitb0d2ef3.el8
M Resource Exhaustion	<0:1.23.3-11.rhaos4.10.gitddf4b1a.1.el8
M Resource Exhaustion	<0:1.24.1-11.rhaos4.11.gitb0d2ef3.el8
M Unchecked Return Value	<0:1.23.3-11.rhaos4.10.gitddf4b1a.1.el8
M Unchecked Return Value	<0:1.24.1-11.rhaos4.11.gitb0d2ef3.el8
M Incorrect Authorization	<0:1.24.1-11.rhaos4.11.gitb0d2ef3.el8
M Incorrect Authorization	<0:1.23.3-11.rhaos4.10.gitddf4b1a.1.el8
M Resource Exhaustion	<0:1.24.1-11.rhaos4.11.gitb0d2ef3.el8
M Information Exposure	<0:1.22.1-17.rhaos4.9.git3029b1d.2.el8
M Information Exposure	<0:1.23.1-9.rhaos4.10.gitbdffb9a.el8
M Resource Exhaustion	<0:1.23.1-9.rhaos4.10.gitbdffb9a.el8
M Resource Exhaustion	<0:1.22.1-17.rhaos4.9.git3029b1d.2.el8
M Improper Input Validation	<0:1.24.1-11.rhaos4.11.gitb0d2ef3.el8
M Access of Resource Using Incompatible Type ('Type Confusion')	<0:1.23.1-9.rhaos4.10.gitbdffb9a.el8
M Improper Input Validation	<0:1.23.1-9.rhaos4.10.gitbdffb9a.el8
H Directory Traversal	<0:1.16.2-15.dev.rhaos4.3.gita83f883.el8
M Race Condition	<0:1.22.1-17.rhaos4.9.git3029b1d.2.el8
M Improper Input Validation	<0:1.22.1-17.rhaos4.9.git3029b1d.2.el8
M Resource Exhaustion	<0:1.20.4-7.rhaos4.7.git6287500.el8
M Resource Exhaustion	<0:1.21.2-8.rhaos4.8.git8d4264e.el8
M Improper Input Validation	<0:1.20.4-7.rhaos4.7.git6287500.el8
M Improper Input Validation	<0:1.21.2-8.rhaos4.8.git8d4264e.el8
M Improper Input Validation	<0:1.21.2-8.rhaos4.8.git8d4264e.el8
M Improper Input Validation	<0:1.20.4-7.rhaos4.7.git6287500.el8
H Improper Check for Unusual or Exceptional Conditions	<0:1.20.3-6.rhaos4.7.git0d0f863.el8
M Resource Exhaustion	<0:1.17.4-8.dev.rhaos4.4.git5f5c5e4.el8
M Improper Validation of Certificate with Host Mismatch	<0:1.23.1-9.rhaos4.10.gitbdffb9a.el8
H Heap-based Buffer Overflow	<0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8
H Out-of-Bounds	<0:1.20.3-6.rhaos4.7.git0d0f863.el8
H Heap-based Buffer Overflow	<0:1.16.2-15.dev.rhaos4.3.gita83f883.el8
M Incorrect Calculation	<0:1.20.2-4.rhaos4.7.gitd5a999a.el8
L NULL Pointer Dereference	*
M Improper Certificate Validation	<0:1.20.0-0.rhaos4.7.git8921e00.el8.51
H Improper Certificate Validation	<0:1.19.1-2.rhaos4.6.git2af9ecf.el8
H Race Condition	<0:1.20.2-12.rhaos4.7.git9f7be76.el8
L Race Condition	<0:1.18.4-7.rhaos4.5.git572d9f7.el8
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.20.2-12.rhaos4.7.git9f7be76.el8
L Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.18.4-7.rhaos4.5.git572d9f7.el8
H Improper Certificate Validation	<0:1.16.2-15.dev.rhaos4.3.gita83f883.el8
M Insufficiently Protected Credentials	<0:1.13.11-0.7.dev.rhaos4.1.git9cb8f2f.el8
H Resource Exhaustion	<0:1.13.11-0.13.dev.rhaos4.1.gitbdeb2ca.el8
H Resource Exhaustion	<0:1.13.11-0.13.dev.rhaos4.1.gitbdeb2ca.el8
M Improper Input Validation	<0:1.21.2-8.rhaos4.8.git8d4264e.el8
M Improper Input Validation	<0:1.20.4-7.rhaos4.7.git6287500.el8
M Resource Exhaustion	<0:1.21.2-8.rhaos4.8.git8d4264e.el8
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Improper Input Validation	<0:1.20.4-7.rhaos4.7.git6287500.el8
M Improper Input Validation	<0:1.21.2-8.rhaos4.8.git8d4264e.el8
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Improper Locking	<0:1.20.2-6.rhaos4.7.gitf1d5201.el8
M Improper Input Validation	*
M Use After Free	<0:1.17.4-8.dev.rhaos4.4.git5f5c5e4.el8
M Use After Free	<0:1.16.4-1.dev.rhaos4.3.git9238eee.el8