criu-libs vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the criu-libs package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H CVE-2025-22869	<0:3.18-5.module+el8.10.0+90541+332b2aa7
H Improper Privilege Management	<0:3.18-5.module+el8.10.0+90449+0b7c8529
M Directory Traversal	<0:3.18-5.module+el8.10.0+90449+0b7c8529
M Information Exposure	<0:3.18-5.module+el8.10.0+90449+0b7c8529
H Directory Traversal	<0:3.18-5.module+el8.10.0+90429+ee702c5c
H Improper Input Validation	<0:3.18-5.module+el8.10.0+90429+ee702c5c
H Link Following	<0:3.18-5.module+el8.10.0+90429+ee702c5c
H CVE-2024-34155	<0:3.18-5.module+el8.10.0+90416+5b0f6a17
H CVE-2024-34156	<0:3.18-5.module+el8.10.0+90416+5b0f6a17
H CVE-2024-34158	<0:3.18-5.module+el8.10.0+90416+5b0f6a17
M CVE-2024-24788	<0:3.18-5.module+el8.10.0+90412+9b361f34
M CVE-2024-24791	<0:3.18-5.module+el8.10.0+90412+9b361f34
H CVE-2024-37298	<0:3.18-5.module+el8.10.0+90384+a78ffc57
H Improper Validation of Integrity Check Value	<0:3.18-5.module+el8.10.0+90384+a78ffc57
H Information Exposure Through Log Files	<0:3.18-5.module+el8.10.0+90384+a78ffc57
M CVE-2024-24784	<0:3.18-5.module+el8.10.0+90412+9b361f34
H CVE-2024-24789	<0:3.18-5.module+el8.10.0+90384+a78ffc57
H CVE-2023-45290	<0:3.18-5.module+el8.10.0+90416+5b0f6a17
M CVE-2024-24783	<0:3.18-5.module+el8.10.0+90412+9b361f34
H Memory Leak	<0:3.18-5.module+el8.10.0+90384+a78ffc57
M CVE-2024-28176	<0:3.18-5.module+el8.10.0+90337+0d7b6e74
M CVE-2024-28180	<0:3.18-5.module+el8.10.0+90337+0d7b6e74
H CVE-2024-24786	<0:3.18-5.module+el8.10.0+90337+0d7b6e74
M Improper Check for Unusual or Exceptional Conditions	<0:3.18-4.module+el8.9.0+90147+a4870853
M Open Redirect	<0:3.18-4.module+el8.9.0+90147+a4870853
M Improper Certificate Validation	<0:3.18-4.module+el8.9.0+90147+a4870853
M CVE-2021-33198	<0:3.18-5.module+el8.10.0+90449+0b7c8529
M CVE-2023-45803	<0:3.18-4.module+el8.9.0+90147+a4870853
M Improper Validation of Integrity Check Value	<0:3.18-4.module+el8.9.0+90147+a4870853
H Link Following	<0:3.18-5.module+el8.10.0+90337+0d7b6e74
M CVE-2023-39326	<0:3.15-3.module+el8.9.0+90165+ead7974e
M Information Exposure	<0:3.18-4.module+el8.9.0+90147+a4870853
H Exposure of Resource to Wrong Sphere	<0:3.15-3.module+el8.9.0+90148+6046e3c3
M Cross-site Scripting (XSS)	<0:3.18-4.module+el8.9.0+90147+a4870853
M Allocation of Resources Without Limits or Throttling	<0:3.18-4.module+el8.9.0+90147+a4870853
M Allocation of Resources Without Limits or Throttling	<0:3.18-4.module+el8.9.0+90147+a4870853
M Resource Exhaustion	<0:3.18-4.module+el8.9.0+90147+a4870853
M CVE-2023-39321	<0:3.18-4.module+el8.9.0+90147+a4870853
H HTTP Request Smuggling	<0:3.18-5.module+el8.10.0+90337+0d7b6e74
M Cross-site Scripting (XSS)	<0:3.18-4.module+el8.9.0+90147+a4870853
H CVE-2022-41715	<0:3.18-5.module+el8.10.0+90337+0d7b6e74
M Allocation of Resources Without Limits or Throttling	<0:3.15-3.module+el8.9.0+90044+a34bc939
M Arbitrary Code Injection	<0:3.15-3.module+el8.9.0+90044+a34bc939
M Incorrect Authorization	<0:3.18-4.module+el8.9.0+90021+ce997450
M Interpretation Conflict	<0:3.15-3.module+el8.9.0+90086+8f2d6fb1
M CVE-2023-24540	<0:3.18-4.module+el8.9.0+90021+ce997450
M Arbitrary Code Injection	<0:3.18-4.module+el8.9.0+90021+ce997450
M Integer Overflow or Wraparound	<0:3.18-4.module+el8.9.0+90021+ce997450
M Arbitrary Code Injection	<0:3.18-4.module+el8.9.0+90021+ce997450
M Resource Exhaustion	<0:3.18-4.module+el8.9.0+90021+ce997450
M Allocation of Resources Without Limits or Throttling	<0:3.18-4.module+el8.9.0+90021+ce997450
M Cross-site Scripting (XSS)	<0:3.18-4.module+el8.9.0+90021+ce997450
M Resource Exhaustion	<0:3.18-4.module+el8.9.0+90021+ce997450
M CVE-2022-41723	<0:3.18-4.module+el8.9.0+90021+ce997450
M Resource Exhaustion	<0:3.18-4.module+el8.9.0+90021+ce997450
H Use of Incorrectly-Resolved Name or Reference	<0:3.15-3.module+el8.8.0+20984+ab6ce66c
H Link Following	<0:3.15-3.module+el8.8.0+21045+adcb6a64
H Improper Preservation of Permissions	<0:3.15-3.module+el8.8.0+20984+ab6ce66c
M Time-of-check Time-of-use (TOCTOU)	<0:3.15-3.module+el8.8.0+20984+ab6ce66c
M Allocation of Resources Without Limits or Throttling	<0:3.15-3.module+el8.8.0+20984+ab6ce66c
M Placement of User into Incorrect Group	<0:3.15-3.module+el8.8.0+20984+ab6ce66c
M Race Condition	<0:3.15-3.module+el8.7.0+20873+328b8baa
L Placement of User into Incorrect Group	<0:3.15-3.module+el8.7.0+20877+e0f9ac15
M Incorrect Default Permissions	<0:3.15-3.module+el8.7.0+20872+81cbf159
M Access of Resource Using Incompatible Type ('Type Confusion')	<0:3.15-3.module+el8.7.0+20873+328b8baa
M CVE-2022-27191	<0:3.15-3.module+el8.7.0+20872+81cbf159
M CVE-2022-27664	<0:3.15-3.module+el8.8.0+20984+ab6ce66c
M CVE-2022-32189	<0:3.15-3.module+el8.8.0+20984+ab6ce66c
M Allocation of Resources Without Limits or Throttling	<0:3.15-3.module+el8.7.0+20873+328b8baa
M Uncontrolled Recursion	<0:3.15-3.module+el8.8.0+20984+ab6ce66c
M Uncontrolled Recursion	<0:3.15-3.module+el8.8.0+21045+adcb6a64
M CVE-2022-32148	<0:3.15-3.module+el8.8.0+21045+adcb6a64
M Uncontrolled Recursion	<0:3.15-3.module+el8.8.0+20984+ab6ce66c
M Uncontrolled Recursion	<0:3.15-3.module+el8.8.0+21045+adcb6a64
M HTTP Request Smuggling	<0:3.15-3.module+el8.8.0+21045+adcb6a64
M Uncontrolled Recursion	<0:3.15-3.module+el8.8.0+20984+ab6ce66c
M Uncontrolled Recursion	<0:3.15-3.module+el8.8.0+20984+ab6ce66c
M Uncontrolled Recursion	<0:3.15-3.module+el8.8.0+20984+ab6ce66c
M Use of Insufficiently Random Values	<0:3.15-3.module+el8.8.0+21045+adcb6a64
H Incorrect Default Permissions	<0:3.15-3.module+el8.6.0+20656+53f7e955
H Allocation of Resources Without Limits or Throttling	<0:3.15-3.module+el8.6.0+20656+53f7e955
H Improper Privilege Management	<0:3.15-3.module+el8.6.0+20656+53f7e955
H Incorrect Default Permissions	<0:3.15-3.module+el8.6.0+20656+53f7e955
H Incorrect Default Permissions	<0:3.15-3.module+el8.6.0+20656+53f7e955
M Improper Cross-boundary Removal of Sensitive Data	<0:3.15-3.module+el8.5.0+20416+d687fed7
M Improper Locking	<0:3.15-3.module+el8.5.0+20416+d687fed7