kata-containers

Direct Vulnerabilities

Known vulnerabilities in the kata-containers package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Improper Validation of Unsafe Equivalence in Input	*
M Time-of-check Time-of-use (TOCTOU)	*
M Cross-site Scripting (XSS)	*
M Allocation of Resources Without Limits or Throttling	*
M Excessive Platform Resource Consumption within a Loop	*
M NULL Pointer Dereference	*
H Incorrect Behavior Order: Authorization Before Parsing and Canonicalization	*
M Link Following	*
M Improper Certificate Validation	*
L Improper Validation of Syntactic Correctness of Input	*
M NULL Pointer Dereference	*
H Improper Certificate Validation	*
H Improper Validation of Syntactic Correctness of Input	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
H Uncaught Exception	*
M Information Exposure	*
H Improper Verification of Cryptographic Signature	*
M CVE-2025-68121	*
H Improper Certificate Validation	*
M Directory Traversal	*
H Improper Preservation of Permissions	*
H Allocation of Resources Without Limits or Throttling	*
M Improper Validation of Specified Type of Input	*
L Improper Check or Handling of Exceptional Conditions	*
M Signed to Unsigned Conversion Error	*
H Excessive Platform Resource Consumption within a Loop	*
M Improper Certificate Validation	*
L CVE-2025-58186	*
M Resource Exhaustion	*
M Missing Reference to Active Allocated Resource	*
H Incorrect Execution-Assigned Permissions	*
M Reachable Assertion	*
M Creation of Immutable Text Using String Concatenation	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Improper Output Neutralization for Logs	*
H Access of Resource Using Incompatible Type ('Type Confusion')	*
M Improper Check for Unusual or Exceptional Conditions	*
M Expected Behavior Violation	*
M Expected Behavior Violation	*
M Directory Traversal	*
M Allocation of Resources Without Limits or Throttling	*
L Improper Neutralization	*
M Time-of-check Time-of-use (TOCTOU)	*
L Out-of-bounds Read	*
L Out-of-bounds Read	*
M Buffer Over-read	*
L Compiler Optimization Removal or Modification of Security-critical Code	*
L Loop with Unreachable Exit Condition ('Infinite Loop')	*
L Improper Encoding or Escaping of Output	*
M CVE-2025-4673	*
H Incorrect Privilege Assignment	*
M Improper Validation of Unsafe Equivalence in Input	*
H Link Following	*
M Double Free	*
M Allocation of Resources Without Limits or Throttling	*
M HTTP Request Smuggling	*
L Use After Free	*
L Incorrect Authorization	*
L Incorrect Authorization	*
M Incorrect Default Permissions	*
M Integer Overflow or Wraparound	*
M Improper Input Validation	*
L Improper Verification of Cryptographic Signature	*

Vulnerability

Vulnerable Version

Improper Validation of Unsafe Equivalence in Input