Homepage

cri-o vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the cri-o package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Directory Traversal

<0:1.27.8-12.rhaos4.14.git7597c43.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:1.27.8-12.rhaos4.14.git7597c43.el9
  • H
Uncontrolled Recursion

<0:1.27.8-12.rhaos4.14.git7597c43.el9
  • H
Uncontrolled Recursion

<0:1.27.8-12.rhaos4.14.git7597c43.el9
  • H
Directory Traversal

<0:1.27.8-12.rhaos4.14.git7597c43.el9
  • H
Directory Traversal

<0:1.27.8-12.rhaos4.14.git7597c43.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:1.27.8-12.rhaos4.14.git7597c43.el9
  • H
Uncontrolled Recursion

<0:1.27.8-12.rhaos4.14.git7597c43.el9
  • H
Uncontrolled Recursion

<0:1.27.8-12.rhaos4.14.git7597c43.el9
  • H
Directory Traversal

<0:1.25.5-5.rhaos4.12.git53dc492.el9
  • H
Link Following

<0:1.25.5-5.rhaos4.12.git53dc492.el9
  • H
Information Exposure

<0:1.25.5-5.rhaos4.12.git53dc492.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:1.25.5-5.rhaos4.12.git53dc492.el9
  • H
Uncontrolled Recursion

<0:1.25.5-5.rhaos4.12.git53dc492.el9
  • H
Uncontrolled Recursion

<0:1.25.5-5.rhaos4.12.git53dc492.el9
  • H
Directory Traversal

<0:1.26.5-26.rhaos4.13.giteb3d487.el9
  • H
Directory Traversal

<0:1.26.5-26.rhaos4.13.giteb3d487.el9
  • H
Link Following

<0:1.26.5-26.rhaos4.13.giteb3d487.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:1.26.5-26.rhaos4.13.giteb3d487.el9
  • H
Uncontrolled Recursion

<0:1.26.5-26.rhaos4.13.giteb3d487.el9
  • H
Uncontrolled Recursion

<0:1.26.5-26.rhaos4.13.giteb3d487.el9
  • M
Directory Traversal

<0:1.29.9-6.rhaos4.16.gite7bd45a.el9
  • M
Resource Exhaustion

<0:1.29.9-6.rhaos4.16.gite7bd45a.el9
  • M
Misinterpretation of Input

<0:1.29.9-6.rhaos4.16.gite7bd45a.el9
  • H
Directory Traversal

<0:1.28.11-5.rhaos4.15.git35a2431.el9
  • H
Link Following

<0:1.28.11-5.rhaos4.15.git35a2431.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:1.28.11-5.rhaos4.15.git35a2431.el9
  • H
Uncontrolled Recursion

<0:1.28.11-5.rhaos4.15.git35a2431.el9
  • H
Uncontrolled Recursion

<0:1.28.11-5.rhaos4.15.git35a2431.el9
  • M
Directory Traversal

<0:1.30.6-6.rhaos4.17.git6ac6e96.el9
  • H
Link Following

<0:1.29.9-5.rhaos4.16.git34690b9.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:1.29.9-5.rhaos4.16.git34690b9.el9
  • H
Uncontrolled Recursion

<0:1.29.9-5.rhaos4.16.git34690b9.el9
  • H
Uncontrolled Recursion

<0:1.29.9-5.rhaos4.16.git34690b9.el9
  • M
Link Following

<0:1.27.8-10.rhaos4.14.git807f92c.el9
  • H
Directory Traversal

<0:1.27.8-12.rhaos4.14.git7597c43.el9
  • M
Link Following

<0:1.30.6-3.rhaos4.17.git49b5172.el9
  • M
Link Following

<0:1.27.8-10.rhaos4.14.git807f92c.el9
  • M
Use of Uninitialized Variable

*
  • H
Improper Handling of Unicode Encoding

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • H
HTTP Request Smuggling

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Allocation of Resources Without Limits or Throttling

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Time-of-check Time-of-use (TOCTOU)

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Improper Input Validation

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Resource Exhaustion

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Placement of User into Incorrect Group

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • M
Information Exposure Through Log Files

<0:1.26.5-20.rhaos4.13.git2e90133.el9
  • M
Misinterpretation of Input

<0:1.26.5-20.rhaos4.13.git2e90133.el9
  • M
Improper Input Validation

<0:1.26.5-20.rhaos4.13.git2e90133.el9
  • M
Misinterpretation of Input

<0:1.27.8-5.rhaos4.14.git107168f.el9
  • M
Improper Input Validation

<0:1.27.8-5.rhaos4.14.git107168f.el9
  • M
Misinterpretation of Input

<0:1.28.9-5.rhaos4.15.git674ed4c.el9
  • M
Improper Input Validation

<0:1.28.9-5.rhaos4.15.git674ed4c.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.25.3-7.rhaos4.12.git44a2cb2.el9
  • M
Misinterpretation of Input

<0:1.25.3-7.rhaos4.12.git44a2cb2.el9
  • M
Improper Input Validation

<0:1.25.3-7.rhaos4.12.git44a2cb2.el9
  • H
Directory Traversal

<0:1.26.5-18.2.rhaos4.13.git2e90133.el9
  • H
Information Exposure

<0:1.29.5-5.rhaos4.16.git7032128.el9
  • H
Incorrect Behavior Order

<0:1.29.5-5.rhaos4.16.git7032128.el9
  • H
Improper Validation of Integrity Check Value

<0:1.29.5-5.rhaos4.16.git7032128.el9
  • H
Resource Exhaustion

<0:1.29.5-5.rhaos4.16.git7032128.el9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.29.5-5.rhaos4.16.git7032128.el9
  • H
Arbitrary Code Injection

<0:1.29.5-5.rhaos4.16.git7032128.el9
  • H
Misinterpretation of Input

<0:1.29.5-5.rhaos4.16.git7032128.el9
  • H
Improper Input Validation

<0:1.29.5-5.rhaos4.16.git7032128.el9
  • H
Improper Input Validation

<0:1.29.5-5.rhaos4.16.git7032128.el9
  • H
Information Exposure

<0:1.29.5-5.rhaos4.16.git7032128.el9
  • H
Incorrect Behavior Order

<0:1.29.5-5.rhaos4.16.git7032128.el9
  • M
Misinterpretation of Input

<0:1.27.8-5.rhaos4.14.git107168f.el9
  • H
Directory Traversal

<0:1.27.7-3.rhaos4.14.git674563e.el9
  • H
Directory Traversal

<0:1.28.7-2.rhaos4.15.git111aec5.el9
  • H
Cross-site Scripting (XSS)

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Resource Exhaustion

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Resource Exhaustion

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Use of a Broken or Risky Cryptographic Algorithm

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Use After Free

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
CVE-2023-2728

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
CVE-2023-2727

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Link Following

<0:1.27.6-2.rhaos4.14.gitb3bd0bf.el9
  • H
Directory Traversal

<0:1.27.7-3.rhaos4.14.git674563e.el9
  • H
Arbitrary Command Injection

<0:1.26.5-16.2.rhaos4.13.git67e2a9d.el9
  • H
Link Following

<0:1.26.5-15.2.rhaos4.13.gitb742e63.el9
  • H
Cross-site Scripting (XSS)

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Resource Exhaustion

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Resource Exhaustion

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Use of a Broken or Risky Cryptographic Algorithm

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Use After Free

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
CVE-2023-2728

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
CVE-2023-2727

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Resource Exhaustion

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Improper Validation of Integrity Check Value

<0:1.29.5-5.rhaos4.16.git7032128.el9
  • H
Arbitrary Command Injection

<0:1.27.6-2.rhaos4.14.gitb3bd0bf.el9
  • H
Link Following

<0:1.27.6-2.rhaos4.14.gitb3bd0bf.el9
  • H
Arbitrary Command Injection

<0:1.28.6-2.rhaos4.15.git77bbb1c.el9
  • H
Link Following

<0:1.28.6-2.rhaos4.15.git77bbb1c.el9
  • H
Arbitrary Command Injection

<0:1.27.6-2.rhaos4.14.gitb3bd0bf.el9
  • H
Resource Exhaustion

<0:1.27.6-2.rhaos4.14.gitb3bd0bf.el9
  • H
Memory Leak

<0:1.26.5-11.1.rhaos4.13.git919cc6e.el9
  • H
Resource Exhaustion

<0:1.27.6-2.rhaos4.14.gitb3bd0bf.el9
  • H
HTTP Request Smuggling

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Allocation of Resources Without Limits or Throttling

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Time-of-check Time-of-use (TOCTOU)

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Improper Input Validation

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Resource Exhaustion

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Resource Exhaustion

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Resource Exhaustion

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Allocation of Resources Without Limits or Throttling

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Improper Initialization

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Placement of User into Incorrect Group

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Improper Handling of Unicode Encoding

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<0:1.27.6-2.rhaos4.14.gitb3bd0bf.el9
  • H
Memory Leak

<0:1.27.4-7.2.rhaos4.14.git082c52f.el9
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<0:1.25.3-5.2.rhaos4.12.git44a2cb2.el9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.25.3-5.2.rhaos4.12.git44a2cb2.el9
  • H
Memory Leak

<0:1.25.3-5.2.rhaos4.12.git44a2cb2.el9
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<0:1.28.6-2.rhaos4.15.git77bbb1c.el9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.28.4-8.rhaos4.15.git24f50b9.el9
  • H
Memory Leak

<0:1.28.4-8.rhaos4.15.git24f50b9.el9
  • H
Improper Handling of Unicode Encoding

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • H
Improper Handling of Unicode Encoding

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<0:1.26.5-15.2.rhaos4.13.gitb742e63.el9
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.26.5-10.rhaos4.13.gita08b329.el9
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.27.4-5.rhaos4.14.git8d40fed.el9
  • H
Memory Leak

<0:1.27.4-7.2.rhaos4.14.git082c52f.el9
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<0:1.27.6-2.rhaos4.14.gitb3bd0bf.el9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.29.5-5.rhaos4.16.git7032128.el9
  • H
Improper Input Validation

<0:1.29.5-5.rhaos4.16.git7032128.el9
  • M
Improper Input Validation

<0:1.27.8-5.rhaos4.14.git107168f.el9
  • H
Truncation of Security-relevant Information

<0:1.28.3-14.rhaos4.15.git33aabd8.el9
  • H
Information Exposure

<0:1.28.3-14.rhaos4.15.git33aabd8.el9
  • H
Resource Exhaustion

<0:1.28.3-14.rhaos4.15.git33aabd8.el9
  • H
Resource Exhaustion

<0:1.28.3-14.rhaos4.15.git33aabd8.el9
  • H
Improper Handling of Unicode Encoding

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • H
Directory Traversal

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • H
Use of a Broken or Risky Cryptographic Algorithm

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.26.4-9.1.rhaos4.13.gite26e057.el9
  • H
Arbitrary Code Injection

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.26.4-6.1.rhaos4.13.git9eb9cf3.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.27.2-7.rhaos4.14.git1cc7a64.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.27.2-7.rhaos4.14.git1cc7a64.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.27.2-7.rhaos4.14.git1cc7a64.el9
  • M
Resource Exhaustion

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
Resource Exhaustion

<0:1.26.4-5.1.rhaos4.13.git969e013.el9
  • H
Resource Exhaustion

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Resource Exhaustion

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Allocation of Resources Without Limits or Throttling

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
CVE-2023-39321

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Cross-site Scripting (XSS)

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Cross-site Scripting (XSS)

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
Resource Exhaustion

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • H
HTTP Response Splitting

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • H
Resource Exhaustion

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • H
Resource Exhaustion

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • M
CVE-2023-39321

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • M
Cross-site Scripting (XSS)

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • M
Cross-site Scripting (XSS)

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • H
Resource Exhaustion

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • M
HTTP Response Splitting

<0:1.27.1-13.1.rhaos4.14.git956c5f7.el9
  • H
Exposure of Data Element to Wrong Session

<0:1.26.3-9.rhaos4.13.git9232b13.el9
  • H
Exposure of Data Element to Wrong Session

<0:1.26.3-9.rhaos4.13.git9232b13.el9
  • H
Improper Handling of Unicode Encoding

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • H
Resource Exhaustion

<0:1.26.3-9.rhaos4.13.git9232b13.el9
  • H
Resource Exhaustion

<0:1.26.3-9.rhaos4.13.git9232b13.el9
  • M
Arbitrary Code Injection

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • H
Resource Exhaustion

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • H
Resource Exhaustion

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • M
Out-of-bounds Read

*
  • M
Improper Certificate Validation

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Improper Certificate Validation

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Incorrect Default Permissions

*
  • M
Incorrect Default Permissions

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Incorrect Default Permissions

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Improper Initialization

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Improper Initialization

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Server-Side Request Forgery (SSRF)

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Server-Side Request Forgery (SSRF)

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Directory Traversal

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Directory Traversal

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Improper Access Control

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Improper Access Control

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Resource Exhaustion

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Resource Exhaustion

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Incorrect Permission Assignment for Critical Resource

*
  • H
Arbitrary Code Injection

*
  • M
Improper Validation of Array Index

*
  • M
Improper Cleanup on Thrown Exception

*
  • H
Resource Exhaustion

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Resource Exhaustion

<0:1.26.3-8.rhaos4.13.gitec064c9.el9
  • H
Resource Exhaustion

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • H
Allocation of Resources Without Limits or Throttling

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • M
File and Directory Information Exposure

*
  • M
File and Directory Information Exposure

<0:1.25.2-9.rhaos4.12.git0a083f9.el9
  • M
Algorithmic Complexity

*
  • M
CVE-2022-41715

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
CVE-2022-41715

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
HTTP Request Smuggling

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
HTTP Request Smuggling

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Directory Traversal

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Directory Traversal

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • H
Resource Exhaustion

<0:1.27.1-8.1.rhaos4.14.git3fecb83.el9
  • M
Resource Exhaustion

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Resource Exhaustion

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Resource Exhaustion

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Information Exposure

*
  • M
Information Exposure

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Improperly Controlled Sequential Memory Allocation

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
Improperly Controlled Sequential Memory Allocation

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
HTTP Request Smuggling

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • M
HTTP Request Smuggling

<0:1.25.1-5.rhaos4.12.git6005903.el9
  • L
Insufficient Entropy

*
  • M
Resource Exhaustion

*
  • M
Integer Overflow or Wraparound

*
  • M
Buffer Overflow

*
  • H
Improper Preservation of Permissions

*
  • H
Use of a Broken or Risky Cryptographic Algorithm

<0:1.26.3-3.rhaos4.13.git641290e.el9
  • M
Resource Exhaustion

*
  • M
Unchecked Return Value

*
  • M
Incorrect Authorization

*
  • M
Integer Overflow or Wraparound

*
  • M
Information Exposure

*
  • M
Resource Exhaustion

*
  • M
Improper Input Validation

*
  • L
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Race Condition

*
  • L
Improper Input Validation

*
  • M
Resource Exhaustion

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • L
Resource Exhaustion

*
  • M
Incorrect Calculation

*
  • M
Improper Certificate Validation

*
  • L
Race Condition

*
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Insufficiently Protected Credentials

*
  • M
HTTP Request Smuggling

*
  • H
Resource Exhaustion

*
  • H
Resource Exhaustion

*
  • L
Improper Input Validation

*
  • L
Improper Input Validation

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Improper Locking

*
  • M
Use After Free

*