Homepage
About Snyk

cri-o vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the cri-o package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Cross-site Scripting (XSS)

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Resource Exhaustion

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Resource Exhaustion

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Improper Handling of Missing Special Element

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Use After Free

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
CVE-2023-2728

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
CVE-2023-2727

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Resource Exhaustion

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • M
Improper Validation of Integrity Check Value

*
  • H
Arbitrary Command Injection

<0:1.27.6-2.rhaos4.14.gitb3bd0bf.el9
  • H
Improper Privilege Management

<0:1.27.6-2.rhaos4.14.gitb3bd0bf.el9
  • H
Arbitrary Command Injection

<0:1.28.6-2.rhaos4.15.git77bbb1c.el9
  • H
Improper Privilege Management

<0:1.28.6-2.rhaos4.15.git77bbb1c.el9
  • H
Memory Leak

<0:1.26.5-11.1.rhaos4.13.git919cc6e.el9
  • H
Resource Exhaustion

<0:1.27.4-7.2.rhaos4.14.git082c52f.el9
  • H
HTTP Request Smuggling

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Allocation of Resources Without Limits or Throttling

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Time-of-check Time-of-use (TOCTOU)

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Improper Input Validation

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Resource Exhaustion

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Resource Exhaustion

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Resource Exhaustion

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Allocation of Resources Without Limits or Throttling

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Improper Initialization

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Placement of User into Incorrect Group

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Improper Handling of Unicode Encoding

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<0:1.27.4-6.1.rhaos4.14.gitd09e4c0.el9
  • H
Memory Leak

<0:1.27.4-7.2.rhaos4.14.git082c52f.el9
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<0:1.25.3-5.2.rhaos4.12.git44a2cb2.el9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.25.3-5.2.rhaos4.12.git44a2cb2.el9
  • H
Memory Leak

<0:1.25.3-5.2.rhaos4.12.git44a2cb2.el9
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<0:1.28.6-2.rhaos4.15.git77bbb1c.el9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.28.4-8.rhaos4.15.git24f50b9.el9
  • H
Memory Leak

<0:1.28.4-8.rhaos4.15.git24f50b9.el9
  • H
Improper Handling of Unicode Encoding

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • M
Improper Handling of Highly Compressed Data (Data Amplification)

<0:1.26.5-10.rhaos4.13.gita08b329.el9
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.26.5-10.rhaos4.13.gita08b329.el9
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.27.4-5.rhaos4.14.git8d40fed.el9
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • H
Truncation of Security-relevant Information

<0:1.28.3-14.rhaos4.15.git33aabd8.el9
  • H
Information Exposure

<0:1.28.3-14.rhaos4.15.git33aabd8.el9
  • H
Resource Exhaustion

<0:1.28.3-14.rhaos4.15.git33aabd8.el9
  • H
Resource Exhaustion

<0:1.28.3-14.rhaos4.15.git33aabd8.el9
  • H
Improper Handling of Unicode Encoding

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • H
Directory Traversal

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Use of a Broken or Risky Cryptographic Algorithm

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.26.4-9.1.rhaos4.13.gite26e057.el9
  • H
Arbitrary Code Injection

<0:1.26.3-9.rhaos4.13.git9232b13.el9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.26.3-9.rhaos4.13.git9232b13.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.26.4-6.1.rhaos4.13.git9eb9cf3.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.27.2-7.rhaos4.14.git1cc7a64.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.27.2-7.rhaos4.14.git1cc7a64.el9
  • H
Resource Exhaustion

<0:1.26.4-5.1.rhaos4.13.git969e013.el9
  • H
Resource Exhaustion

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Resource Exhaustion

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Allocation of Resources Without Limits or Throttling

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
CVE-2023-39321

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Cross-site Scripting (XSS)

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Cross-site Scripting (XSS)

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Resource Exhaustion

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • H
HTTP Response Splitting

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • M
CVE-2023-39321

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • M
Cross-site Scripting (XSS)

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • M
Resource Exhaustion

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • M
HTTP Response Splitting

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • H
Exposure of Data Element to Wrong Session

<0:1.26.3-9.rhaos4.13.git9232b13.el9
  • H
Resource Exhaustion

<0:1.26.3-9.rhaos4.13.git9232b13.el9
  • M
Arbitrary Code Injection

<0:1.26.3-9.rhaos4.13.git9232b13.el9
  • H
Resource Exhaustion

<0:1.26.3-9.rhaos4.13.git9232b13.el9
  • M
Out-of-bounds Read

*
  • M
Improper Certificate Validation

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Incorrect Default Permissions

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Improper Initialization

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Server-Side Request Forgery (SSRF)

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Directory Traversal

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Improper Access Control

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Resource Exhaustion

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • H
Resource Exhaustion

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • M
File and Directory Information Exposure

<0:1.25.2-9.rhaos4.12.git0a083f9.el9
  • M
CVE-2022-41715

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
CVE-2022-41715

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
HTTP Request Smuggling

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
HTTP Request Smuggling

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Directory Traversal

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Directory Traversal

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Resource Exhaustion

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Resource Exhaustion

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Information Exposure

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Improperly Controlled Sequential Memory Allocation

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
HTTP Request Smuggling

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*