Homepage

runc vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the runc package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Use of Uninitialized Variable

*
  • M
Use of Uninitialized Variable

*
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el8
  • H
Improper Validation of Integrity Check Value

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Resource Exhaustion

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Arbitrary Code Injection

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Misinterpretation of Input

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Improper Input Validation

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Improper Input Validation

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Information Exposure

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Incorrect Behavior Order

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Improper Validation of Integrity Check Value

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Resource Exhaustion

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Arbitrary Code Injection

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Misinterpretation of Input

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Improper Input Validation

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Information Exposure

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Incorrect Behavior Order

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el8
  • H
Cross-site Scripting (XSS)

<4:1.1.9-2.1.rhaos4.14.el8
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el8
  • H
Allocation of Resources Without Limits or Throttling

<4:1.1.9-2.1.rhaos4.14.el8
  • H
CVE-2023-39321

<4:1.1.9-2.1.rhaos4.14.el8
  • H
Cross-site Scripting (XSS)

<4:1.1.9-2.1.rhaos4.14.el8
  • H
Cross-site Scripting (XSS)

<4:1.1.9-2.1.rhaos4.14.el8
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el8
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el8
  • H
Use of a Broken or Risky Cryptographic Algorithm

<4:1.1.9-2.1.rhaos4.14.el8
  • H
Use After Free

<4:1.1.9-2.1.rhaos4.14.el8
  • H
CVE-2023-2728

<4:1.1.9-2.1.rhaos4.14.el8
  • H
CVE-2023-2727

<4:1.1.9-2.1.rhaos4.14.el8
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el8
  • H
Resource Exhaustion

<4:1.1.12-1.2.rhaos4.14.el8
  • H
Memory Leak

<4:1.1.12-1.2.rhaos4.14.el8
  • H
Resource Exhaustion

<4:1.1.12-1.2.rhaos4.14.el8
  • H
Memory Leak

<4:1.1.12-1.1.rhaos4.13.el8
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<3:1.1.6-5.2.rhaos4.12.el8
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<3:1.1.6-5.2.rhaos4.12.el8
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<3:1.1.6-5.2.rhaos4.12.el8
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<3:1.1.6-5.2.rhaos4.12.el8
  • H
Memory Leak

<3:1.1.6-5.2.rhaos4.12.el8
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<4:1.1.12-1.1.rhaos4.15.el8
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<4:1.1.12-1.1.rhaos4.15.el8
  • H
Memory Leak

<4:1.1.12-1.1.rhaos4.15.el8
  • H
Memory Leak

<3:1.1.6-5.2.rhaos4.12.el8
  • H
Improper Input Validation

<4:1.1.12-3.1.rhaos4.16.el8
  • H
Resource Exhaustion

<4:1.1.6-4.rhaos4.13.el8
  • H
Truncation of Security-relevant Information

<4:1.1.12-1.rhaos4.15.el8
  • H
Information Exposure

<4:1.1.12-1.rhaos4.15.el8
  • H
Resource Exhaustion

<4:1.1.12-1.rhaos4.15.el8
  • H
Resource Exhaustion

<4:1.1.12-1.rhaos4.15.el8
  • H
Truncation of Security-relevant Information

<4:1.1.12-1.rhaos4.15.el8
  • H
Resource Exhaustion

<4:1.1.12-1.rhaos4.15.el8
  • M
Resource Exhaustion

<3:1.1.4-2.rhaos4.12.el8
  • M
Information Exposure

<3:1.1.2-3.1.rhaos4.11.el8
  • M
Information Exposure

<3:1.1.6-5.1.rhaos4.12.el8
  • M
Information Exposure

<4:1.1.12-1.rhaos4.13.el8
  • M
Information Exposure

<4:1.1.12-1.rhaos4.14.el8
  • M
Information Exposure

<3:1.1.6-5.1.rhaos4.12.el8
  • M
Resource Exhaustion

<3:1.1.4-2.rhaos4.12.el8
  • H
Information Exposure

<4:1.1.12-1.rhaos4.15.el8
  • H
Use of a Broken or Risky Cryptographic Algorithm

<3:1.1.2-2.rhaos4.11.el8
  • H
Improper Handling of Unicode Encoding

<4:1.1.6-4.rhaos4.13.el8
  • H
Improper Handling of Unicode Encoding

<3:1.1.2-2.rhaos4.11.el8
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<4:1.1.6-4.rhaos4.13.el8
  • H
Resource Exhaustion

<4:1.1.6-4.rhaos4.13.el8
  • H
Arbitrary Code Injection

<4:1.1.6-4.rhaos4.13.el8
  • H
Resource Exhaustion

<4:1.1.6-4.rhaos4.13.el8
  • M
Incorrect Default Permissions

*
  • M
Improper Certificate Validation

<3:1.1.2-2.rhaos4.12.el8
  • M
Improper Certificate Validation

<3:1.1.2-2.rhaos4.12.el8
  • M
Incorrect Default Permissions

<3:1.1.2-2.rhaos4.12.el8
  • M
Incorrect Default Permissions

<3:1.1.2-2.rhaos4.12.el8
  • M
Improper Initialization

<3:1.1.2-2.rhaos4.12.el8
  • M
Improper Initialization

<3:1.1.2-2.rhaos4.12.el8
  • M
Server-Side Request Forgery (SSRF)

<3:1.1.2-2.rhaos4.12.el8
  • M
Server-Side Request Forgery (SSRF)

<3:1.1.2-2.rhaos4.12.el8
  • M
Directory Traversal

<3:1.1.2-2.rhaos4.12.el8
  • M
Directory Traversal

<3:1.1.2-2.rhaos4.12.el8
  • M
Improper Access Control

<3:1.1.2-2.rhaos4.12.el8
  • M
Improper Access Control

<3:1.1.2-2.rhaos4.12.el8
  • M
Resource Exhaustion

<3:1.1.2-2.rhaos4.12.el8
  • M
Resource Exhaustion

<3:1.1.2-2.rhaos4.12.el8
  • M
Improper Input Validation

<0:1.0.0-95.rhaos4.8.gitcd80260.el8
  • M
Improper Input Validation

<0:1.0.0-95.rhaos4.8.gitcd80260.el8
  • H
Directory Traversal

<0:1.0.0-72.rhaos4.5.giteadfc6b.el8
  • H
Improper Input Validation

<0:1.0.0-72.rhaos4.5.giteadfc6b.el8
  • H
Cross-site Scripting (XSS)

<0:1.0.0-72.rhaos4.5.giteadfc6b.el8
  • H
Incorrect Authorization

<0:1.0.0-72.rhaos4.5.giteadfc6b.el8
  • H
Allocation of Resources Without Limits or Throttling

<0:1.0.0-72.rhaos4.5.giteadfc6b.el8
  • H
Improper Input Validation

<0:1.0.0-72.rhaos4.5.giteadfc6b.el8
  • H
Cross-site Scripting (XSS)

<0:1.0.0-72.rhaos4.5.giteadfc6b.el8
  • H
Deserialization of Untrusted Data

<0:1.0.0-72.rhaos4.5.giteadfc6b.el8
  • H
Cross-site Scripting (XSS)

<0:1.0.0-72.rhaos4.5.giteadfc6b.el8
  • H
Link Following

<0:1.0.0-72.rhaos4.5.giteadfc6b.el8
  • H
Cross-site Scripting (XSS)

<0:1.0.0-72.rhaos4.5.giteadfc6b.el8
  • M
Improper Output Neutralization for Logs

<0:1.0.0-81.rhaos4.6.git5b757d4.el8
  • M
Improper Validation of Certificate with Host Mismatch

<0:1.0.0-81.rhaos4.6.git5b757d4.el8
  • M
Missing Authorization

<0:1.0.0-81.rhaos4.6.git5b757d4.el8
  • M
Directory Traversal

<0:1.0.0-81.rhaos4.6.git5b757d4.el8
  • M
Insufficiently Protected Credentials

<0:1.0.0-81.rhaos4.6.git5b757d4.el8
  • H
OS Command Injection

<0:1.0.0-63.rc8.rhaos4.1.git3cbe540.el8_0
  • H
Resource Exhaustion

<4:1.1.6-4.rhaos4.13.el8
  • H
Resource Exhaustion

<4:1.1.6-4.rhaos4.13.el8
  • H
Path Equivalence

<4:1.1.6-4.rhaos4.13.el8
  • H
Allocation of Resources Without Limits or Throttling

<4:1.1.6-4.rhaos4.13.el8
  • H
Allocation of Resources Without Limits or Throttling

<3:1.1.2-2.rhaos4.11.el8
  • M
Algorithmic Complexity

<3:1.1.6-4.rhaos4.12.el8
  • M
Algorithmic Complexity

<3:1.1.6-4.rhaos4.12.el8
  • M
CVE-2022-41715

<3:1.1.6-4.rhaos4.12.el8
  • M
CVE-2022-41715

<3:1.1.4-2.rhaos4.12.el8
  • M
Allocation of Resources Without Limits or Throttling

<3:1.1.4-2.rhaos4.12.el8
  • M
Allocation of Resources Without Limits or Throttling

<3:1.1.6-4.rhaos4.12.el8
  • M
HTTP Request Smuggling

<3:1.1.6-4.rhaos4.12.el8
  • M
HTTP Request Smuggling

<3:1.1.4-2.rhaos4.12.el8
  • M
Directory Traversal

<3:1.1.6-4.rhaos4.12.el8
  • M
Directory Traversal

<3:1.1.2-2.rhaos4.12.el8
  • M
Resource Exhaustion

<3:1.1.6-4.rhaos4.12.el8
  • M
Resource Exhaustion

<3:1.1.2-2.rhaos4.12.el8
  • M
Resource Exhaustion

<3:1.1.2-2.rhaos4.12.el8
  • M
Resource Exhaustion

<3:1.1.2-2.rhaos4.12.el8
  • M
Information Exposure

<3:1.1.2-2.rhaos4.12.el8
  • M
Information Exposure

<3:1.1.2-2.rhaos4.12.el8
  • M
Improperly Controlled Sequential Memory Allocation

<3:1.1.4-2.rhaos4.12.el8
  • M
Improperly Controlled Sequential Memory Allocation

<3:1.1.4-2.rhaos4.12.el8
  • M
HTTP Request Smuggling

<3:1.1.2-1.rhaos4.11.el8
  • M
HTTP Request Smuggling

<3:1.1.2-2.rhaos4.12.el8
  • M
HTTP Request Smuggling

<3:1.1.2-2.rhaos4.12.el8
  • M
Incorrect Authorization

<3:1.1.2-1.rhaos4.11.el8
  • M
Incorrect Default Permissions

<3:1.1.2-1.rhaos4.11.el8
  • H
Insufficient Entropy

<3:1.1.2-2.rhaos4.11.el8
  • H
Integer Overflow or Wraparound

<3:1.1.2-2.rhaos4.11.el8
  • H
Buffer Overflow

<3:1.1.2-2.rhaos4.11.el8
  • M
Missing Release of Resource after Effective Lifetime

<3:1.1.2-1.rhaos4.11.el8
  • M
Use of a Broken or Risky Cryptographic Algorithm

<3:1.1.2-1.rhaos4.11.el8
  • M
Resource Exhaustion

<3:1.1.2-1.rhaos4.11.el8
  • M
Unchecked Return Value

<3:1.1.2-1.rhaos4.11.el8
  • M
Incorrect Authorization

<3:1.1.2-1.rhaos4.11.el8
  • H
Integer Overflow or Wraparound

<3:1.1.2-2.rhaos4.11.el8
  • M
Information Exposure

<3:1.1.0-2.rhaos4.10.el8
  • M
Resource Exhaustion

<3:1.1.0-2.rhaos4.10.el8
  • M
Improper Input Validation

<3:1.1.2-1.rhaos4.11.el8
  • H
Time-of-check Time-of-use (TOCTOU)

<0:1.0.0-74.rhaos4.5.gitd2c3b70.el8
  • H
Time-of-check Time-of-use (TOCTOU)

<0:1.0.0-87.rhaos4.6.git23384e2.el8
  • H
Time-of-check Time-of-use (TOCTOU)

<0:1.0.0-96.rhaos4.8.gitcd80260.el8
  • M
Improper Cross-boundary Removal of Sensitive Data

<0:1.0.0-81.rhaos4.6.git5b757d4.el8
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.0.0-81.rhaos4.6.git5b757d4.el8
  • M
Path Equivalence

<0:1.0.0-63.rc8.rhaos4.1.git3cbe540.el8_0
  • M
Path Equivalence

<0:1.0.0-63.rc10.rhaos4.2.gitdc9208a.el8
  • M
Path Equivalence

<0:1.0.0-62.rc8.rhaos4.1.git3cbe540.el8
  • M
Path Equivalence

<0:1.0.0-63.rc8.el8
  • M
Incorrect Calculation

<0:1.0.0-95.rhaos4.8.gitcd80260.el8
  • M
Improper Certificate Validation

<0:1.0.0-95.rhaos4.8.gitcd80260.el8
  • M
Race Condition

<0:1.0.0-81.rhaos4.6.git5b757d4.el8
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.0.0-81.rhaos4.6.git5b757d4.el8
  • H
Insecure Temporary File

<0:1.0.0-72.rhaos4.5.giteadfc6b.el8
  • M
Information Exposure

<0:1.0.0-95.rhaos4.8.gitcd80260.el8
  • M
Resource Exhaustion

<0:1.0.0-95.rhaos4.8.gitcd80260.el8
  • H
Insecure Temporary File

<0:1.0.0-72.rhaos4.5.giteadfc6b.el8