Homepage

cri-o vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the cri-o package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Improper Authorization

*
  • M
Improper Authorization

*
  • M
Improper Authorization

*
  • M
Directory Traversal

*
  • H
Information Exposure

*
  • M
Link Following

*
  • M
Use of Uninitialized Variable

*
  • M
Misinterpretation of Input

*
  • H
Directory Traversal

*
  • H
Directory Traversal

*
  • M
Improper Validation of Integrity Check Value

*
  • H
Arbitrary Command Injection

*
  • H
Memory Leak

*
  • M
Improper Handling of Highly Compressed Data (Data Amplification)

*
  • M
Improper Input Validation

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Improper Input Validation

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Resource Exhaustion

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
Resource Exhaustion

*
  • H
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • L
Information Exposure

<0:1.10.5-1.rhaos3.10.git4c81456.el7
  • M
Improper Input Validation

<0:1.11.16-0.10.dev.rhaos3.11.git1eee681.el7
  • M
Improper Authentication

<0:1.10.6-2.rhaos3.10.git56d7d9a.el7
  • M
Improper Input Validation

<0:1.9.10-1.git8723732.el7
  • M
Improper Authentication

<0:1.0.4-2.git4aceede.el7
  • M
Improper Authorization

<0:1.9.10-1.git8723732.el7
  • M
Directory Traversal

<0:1.20.2-4.rhaos4.7.gitd5a999a.el7
  • H
Information Exposure

<0:1.11.10-1.rhaos3.11.git42c86f0.el7
  • H
Session Fixation

<0:1.11.10-1.rhaos3.11.git42c86f0.el7
  • H
Resource Exhaustion

<0:1.11.10-1.rhaos3.11.git42c86f0.el7
  • H
Information Exposure

<0:1.11.10-1.rhaos3.11.git42c86f0.el7
  • M
Link Following

<0:1.9.16-1.git78b2041.el7
  • H
Improper Authentication

<0:1.11.10-1.rhaos3.11.git42c86f0.el7
  • H
Cross-site Scripting (XSS)

<0:1.11.14-1.rhaos3.11.gitd56660e.el7
  • H
Improper Authentication

<0:1.11.14-1.rhaos3.11.gitd56660e.el7
  • H
Improper Input Validation

<0:1.11.10-1.rhaos3.11.git42c86f0.el7
  • M
Improper Input Validation

<0:1.9.12-1.gitfa11beb.el7
  • H
Cross-site Scripting (XSS)

<0:1.11.10-1.rhaos3.11.git42c86f0.el7
  • H
Directory Traversal

<0:1.11.10-1.rhaos3.11.git42c86f0.el7
  • M
Privilege Context Switching Error

<0:1.9.12-1.gitfa11beb.el7
  • H
Cross-site Scripting (XSS)

<0:1.21.5-3.rhaos4.8.gitaf64931.el7
  • H
Cross-site Scripting (XSS)

<0:1.19.7-2.rhaos4.6.git3c20b65.el7
  • H
Link Following

<0:1.21.5-3.rhaos4.8.gitaf64931.el7
  • M
Incorrect Default Permissions

<0:1.22.5-7.rhaos4.9.git3dbcd3c.el7
  • M
Incorrect Default Permissions

*
  • M
Incorrect Default Permissions

<0:1.22.5-7.rhaos4.9.git3dbcd3c.el7
  • H
Incorrect Behavior Order: Early Validation

<0:1.21.5-3.rhaos4.8.gitaf64931.el7
  • H
Incorrect Behavior Order: Early Validation

<0:1.21.5-3.rhaos4.8.gitaf64931.el7
  • L
Incorrect Default Permissions

*
  • L
Incorrect Default Permissions

*
  • L
Improper Access Control

<0:1.23.5-11.rhaos4.10.gitfc32aac.el7
  • L
Improper Access Control

*
  • L
Improper Access Control

*
  • H
Link Following

<0:1.21.5-3.rhaos4.8.gitaf64931.el7
  • H
Link Following

<0:1.21.5-3.rhaos4.8.gitaf64931.el7
  • H
Incorrect Behavior Order: Early Validation

<0:1.21.5-3.rhaos4.8.gitaf64931.el7
  • H
OS Command Injection

<0:1.21.5-3.rhaos4.8.gitaf64931.el7
  • H
Information Exposure

<0:1.21.5-3.rhaos4.8.gitaf64931.el7
  • H
Insufficiently Protected Credentials

<0:1.21.5-3.rhaos4.8.gitaf64931.el7
  • H
Cross-site Scripting (XSS)

<0:1.21.5-3.rhaos4.8.gitaf64931.el7
  • H
Cross-site Scripting (XSS)

<0:1.19.7-2.rhaos4.6.git3c20b65.el7
  • H
Link Following

<0:1.21.5-3.rhaos4.8.gitaf64931.el7
  • H
OS Command Injection

<0:1.21.5-3.rhaos4.8.gitaf64931.el7
  • H
OS Command Injection

<0:1.21.5-3.rhaos4.8.gitaf64931.el7
  • H
Authorization Bypass Through User-Controlled Key

*
  • M
Incorrect Permission Assignment for Critical Resource

<0:1.21.5-2.rhaos4.8.gitaf64931.el7
  • M
Incorrect Permission Assignment for Critical Resource

<0:1.22.2-2.rhaos4.9.gitb030be8.el7
  • M
Incorrect Permission Assignment for Critical Resource

*
  • M
Incorrect Permission Assignment for Critical Resource

<0:1.23.0-92.rhaos4.10.gitdaab4d1.el7
  • H
Incorrect Permission Assignment for Critical Resource

<0:1.19.5-3.rhaos4.6.git91f8458.el7
  • H
Incorrect Permission Assignment for Critical Resource

<0:1.20.6-11.rhaos4.7.git76ea3d0.el7
  • M
Incorrect Permission Assignment for Critical Resource

<0:1.22.2-2.rhaos4.9.gitb030be8.el7
  • H
Arbitrary Code Injection

<0:1.20.6-11.rhaos4.7.git76ea3d0.el7
  • H
Arbitrary Code Injection

<0:1.19.5-3.rhaos4.6.git91f8458.el7
  • H
Arbitrary Code Injection

<0:1.23.1-12.rhaos4.10.git1607c6e.el7
  • H
Arbitrary Code Injection

<0:1.22.2-3.rhaos4.9.gitb030be8.el7
  • H
Arbitrary Code Injection

<0:1.22.2-3.rhaos4.9.gitb030be8.el7
  • H
Arbitrary Code Injection

<0:1.21.5-3.rhaos4.8.gitaf64931.el7
  • M
Improper Validation of Array Index

<0:1.20.0-0.rhaos4.7.git8921e00.el7.51
  • M
Cross-site Scripting (XSS)

<0:1.23.0-92.rhaos4.10.gitdaab4d1.el7
  • H
Improper Preservation of Permissions

<0:1.20.2-12.rhaos4.7.git9f7be76.el7
  • H
Cross-site Request Forgery (CSRF)

<0:1.20.2-12.rhaos4.7.git9f7be76.el7
  • H
XML External Entity (XXE) Injection

<0:1.20.2-12.rhaos4.7.git9f7be76.el7
  • H
Improper Preservation of Permissions

<0:1.20.2-12.rhaos4.7.git9f7be76.el7
  • M
Improper Output Neutralization for Logs

<0:1.20.0-0.rhaos4.7.git8921e00.el7.51
  • M
Authentication Bypass

<0:1.20.0-0.rhaos4.7.git8921e00.el7.51
  • M
Covert Timing Channel

<0:1.20.0-0.rhaos4.7.git8921e00.el7.51
  • M
Information Exposure

<0:1.20.0-0.rhaos4.7.git8921e00.el7.51
  • M
Improper Cleanup on Thrown Exception

<0:1.14.12-24.dev.rhaos4.2.gita17905f.el7
  • M
Improper Cleanup on Thrown Exception

<0:1.11.16-0.10.dev.rhaos3.11.git1eee681.el7
  • H
API Abuse

<0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7
  • H
Information Exposure

<0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7
  • H
Information Exposure

<0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7
  • H
Covert Timing Channel

<0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7
  • H
Covert Timing Channel

<0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7
  • H
Insufficient Control of Network Message Volume (Network Amplification)

<0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7
  • H
Authentication Bypass by Primary Weakness

<0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7
  • H
OS Command Injection

<0:1.16.3-20.dev.rhaos4.3.git11c04e3.el7
  • H
OS Command Injection

<0:1.14.12-19.dev.rhaos4.2.git313d784.el7
  • H
OS Command Injection

<0:1.13.12-6.dev.rhaos4.1.git8abaaeb.el7
  • H
Improper Access Control

<0:1.9.16-3.git858756d.el7
  • H
Incomplete Blacklist

<0:1.11.14-1.rhaos3.11.gitd56660e.el7
  • H
Insufficiently Protected Credentials

<0:1.11.14-1.rhaos3.11.gitd56660e.el7
  • M
Resource Exhaustion

<0:1.11.16-0.10.dev.rhaos3.11.git1eee681.el7
  • M
Resource Exhaustion

<0:1.16.3-26.dev.rhaos4.3.git9aad8e4.el7
  • M
Man-in-the-Middle (MitM)

<0:1.11.16-0.10.dev.rhaos3.11.git1eee681.el7
  • H
Cross-site Scripting (XSS)

<0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7
  • H
Cross-site Scripting (XSS)

<0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7
  • H
Cross-site Scripting (XSS)

<0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7
  • H
Cross-site Scripting (XSS)

<0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7
  • H
Cross-site Scripting (XSS)

<0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7
  • H
Cross-site Scripting (XSS)

<0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7
  • H
Cross-site Request Forgery (CSRF)

<0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7
  • H
Cross-site Request Forgery (CSRF)

<0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
File and Directory Information Exposure

*
  • M
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • M
Information Exposure

*
  • M
Improperly Controlled Sequential Memory Allocation

*
  • M
HTTP Request Smuggling

*
  • M
Improper Input Validation

*
  • L
Insufficient Entropy

*
  • H
Allocation of Resources Without Limits or Throttling

<0:1.19.7-2.rhaos4.6.git3c20b65.el7
  • M
Allocation of Resources Without Limits or Throttling

<0:1.20.8-3.rhaos4.7.gitb9df556.el7
  • M
Allocation of Resources Without Limits or Throttling

<0:1.11.16-0.17.rhaos3.11.git4c0a8ad.el7
  • M
Allocation of Resources Without Limits or Throttling

<0:1.21.8-3.rhaos4.8.gitd7fbb0d.el7
  • M
Allocation of Resources Without Limits or Throttling

<0:1.22.5-3.rhaos4.9.gitb6d3a87.el7
  • M
Allocation of Resources Without Limits or Throttling

<0:1.22.5-3.rhaos4.9.gitb6d3a87.el7
  • M
Improper Privilege Management

<0:1.23.3-11.rhaos4.10.gitddf4b1a.1.el7
  • M
Integer Overflow or Wraparound

<0:1.23.3-13.rhaos4.10.git6af791c.1.el7
  • M
Buffer Overflow

<0:1.23.3-13.rhaos4.10.git6af791c.1.el7
  • H
Improper Preservation of Permissions

*
  • M
Use of a Broken or Risky Cryptographic Algorithm

*
  • M
Resource Exhaustion

<0:1.23.3-11.rhaos4.10.gitddf4b1a.1.el7
  • M
Unchecked Return Value

<0:1.23.3-13.rhaos4.10.git6af791c.1.el7
  • M
Incorrect Authorization

<0:1.23.3-13.rhaos4.10.git6af791c.1.el7
  • M
Integer Overflow or Wraparound

*
  • M
Information Exposure

<0:1.22.1-17.rhaos4.9.git3029b1d.el7
  • M
Information Exposure

<0:1.23.0-92.rhaos4.10.gitdaab4d1.el7
  • M
Information Exposure

<0:1.22.1-17.rhaos4.9.git3029b1d.el7
  • M
Resource Exhaustion

<0:1.23.0-92.rhaos4.10.gitdaab4d1.el7
  • M
Resource Exhaustion

<0:1.22.1-17.rhaos4.9.git3029b1d.el7
  • M
Resource Exhaustion

<0:1.22.1-17.rhaos4.9.git3029b1d.el7
  • M
Improper Input Validation

*
  • L
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

<0:1.23.0-92.rhaos4.10.gitdaab4d1.el7
  • M
Improper Input Validation

<0:1.23.0-92.rhaos4.10.gitdaab4d1.el7
  • H
Directory Traversal

<0:1.16.2-13.dev.rhaos4.3.gita83f883.el7
  • M
Race Condition

<0:1.22.1-17.rhaos4.9.git3029b1d.el7
  • M
Race Condition

<0:1.22.1-17.rhaos4.9.git3029b1d.el7
  • M
Improper Input Validation

<0:1.22.1-17.rhaos4.9.git3029b1d.el7
  • M
Improper Input Validation

<0:1.22.1-17.rhaos4.9.git3029b1d.el7
  • M
Resource Exhaustion

<0:1.21.2-8.rhaos4.8.git8d4264e.el7
  • M
Resource Exhaustion

<0:1.20.4-7.rhaos4.7.git6287500.el7
  • M
Improper Input Validation

<0:1.20.4-7.rhaos4.7.git6287500.el7
  • M
Improper Input Validation

<0:1.21.2-8.rhaos4.8.git8d4264e.el7
  • M
Improper Input Validation

<0:1.21.2-8.rhaos4.8.git8d4264e.el7
  • M
Improper Input Validation

<0:1.20.4-7.rhaos4.7.git6287500.el7
  • H
Improper Check for Unusual or Exceptional Conditions

<0:1.20.3-6.rhaos4.7.git0d0f863.el7
  • M
Improper Input Validation

<0:1.11.16-0.10.dev.rhaos3.11.git1eee681.el7
  • M
Resource Exhaustion

<0:1.17.4-8.dev.rhaos4.4.git5f5c5e4.el7
  • L
Resource Exhaustion

<0:1.11.16-0.9.dev.rhaos3.11.git6d43aae.el7
  • M
Improper Validation of Certificate with Host Mismatch

<0:1.23.0-92.rhaos4.10.gitdaab4d1.el7
  • H
Heap-based Buffer Overflow

<0:1.16.3-20.dev.rhaos4.3.git11c04e3.el7
  • H
Out-of-Bounds

<0:1.20.3-6.rhaos4.7.git0d0f863.el7
  • H
Heap-based Buffer Overflow

<0:1.16.2-13.dev.rhaos4.3.gita83f883.el7
  • M
Incorrect Calculation

*
  • M
Incorrect Calculation

<0:1.20.2-4.rhaos4.7.gitd5a999a.el7
  • L
NULL Pointer Dereference

*
  • M
Improper Certificate Validation

<0:1.20.0-0.rhaos4.7.git8921e00.el7.51
  • H
Race Condition

<0:1.20.2-12.rhaos4.7.git9f7be76.el7
  • L
Race Condition

<0:1.18.4-7.rhaos4.5.git572d9f7.el7
  • L
Race Condition

*
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.18.4-7.rhaos4.5.git572d9f7.el7
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.20.2-12.rhaos4.7.git9f7be76.el7
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • H
Cross-site Scripting (XSS)

<0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7
  • H
Improper Certificate Validation

<0:1.16.2-13.dev.rhaos4.3.gita83f883.el7
  • M
Insufficiently Protected Credentials

<0:1.11.16-0.2.dev.rhaos3.11.git3f89eba.el7
  • M
Insufficiently Protected Credentials

<0:1.13.11-0.4.dev.rhaos4.1.git9cb8f2f.el7
  • M
Insufficiently Protected Credentials

<0:1.9.16-5.git858756d.el7
  • M
Insufficiently Protected Credentials

<0:1.10.6-2.rhaos3.10.git56d7d9a.el7
  • M
HTTP Request Smuggling

*
  • H
Resource Exhaustion

<0:1.13.11-0.10.dev.rhaos4.1.gitbdeb2ca.el7
  • H
Resource Exhaustion

<0:1.9.16-3.git858756d.el7
  • M
Resource Exhaustion

<0:1.11.16-0.2.dev.rhaos3.11.git3f89eba.el7
  • M
Resource Exhaustion

<0:1.11.16-0.2.dev.rhaos3.11.git3f89eba.el7
  • H
Resource Exhaustion

<0:1.13.11-0.10.dev.rhaos4.1.gitbdeb2ca.el7
  • H
Resource Exhaustion

<0:1.9.16-3.git858756d.el7
  • M
Improper Input Validation

<0:1.21.2-8.rhaos4.8.git8d4264e.el7
  • M
Improper Input Validation

<0:1.20.4-7.rhaos4.7.git6287500.el7
  • M
Resource Exhaustion

<0:1.21.2-8.rhaos4.8.git8d4264e.el7
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Improper Input Validation

<0:1.21.2-8.rhaos4.8.git8d4264e.el7
  • M
Improper Input Validation

<0:1.20.4-7.rhaos4.7.git6287500.el7
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Improper Locking

<0:1.20.2-6.rhaos4.7.gitf1d5201.el7
  • M
Improper Input Validation

*
  • M
Use After Free

<0:1.11.16-0.10.dev.rhaos3.11.git1eee681.el7
  • M
Use After Free

<0:1.17.4-8.dev.rhaos4.4.git5f5c5e4.el7
  • M
Use After Free

<0:1.16.4-1.dev.rhaos4.3.git9238eee.el7