cri-tools vulnerabilities

Known vulnerabilities in the cri-tools package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Resource Exhaustion	*
M Information Exposure	*
L Improper Verification of Cryptographic Signature	*
M Information Exposure	*
M Use of Uninitialized Variable	*
H Resource Exhaustion	<0:1.27.0-2.1.el9
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.26.0-2.el9
H Improper Validation of Integrity Check Value	<0:1.29.0-3.1.el9
H Resource Exhaustion	<0:1.29.0-3.1.el9
H Misinterpretation of Input	<0:1.29.0-3.1.el9
H Information Exposure	<0:1.29.0-3.1.el9
H Incorrect Behavior Order	<0:1.29.0-3.1.el9
H Improper Validation of Integrity Check Value	<0:1.29.0-3.1.el9
H Resource Exhaustion	<0:1.29.0-3.1.el9
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.29.0-3.1.el9
H Arbitrary Code Injection	<0:1.29.0-3.1.el9
H Misinterpretation of Input	<0:1.29.0-3.1.el9
H Improper Input Validation	<0:1.29.0-3.1.el9
H Improper Input Validation	<0:1.29.0-3.1.el9
H Information Exposure	<0:1.29.0-3.1.el9
H Incorrect Behavior Order	<0:1.29.0-3.1.el9
M Cross-site Scripting (XSS)	<0:1.27.0-2.1.el9
H Resource Exhaustion	<0:1.27.0-2.1.el9
H Resource Exhaustion	<0:1.27.0-2.1.el9
H Use of a Broken or Risky Cryptographic Algorithm	<0:1.27.0-2.1.el9
H Use After Free	<0:1.27.0-2.1.el9
H CVE-2023-2728	<0:1.27.0-2.1.el9
H CVE-2023-2727	<0:1.27.0-2.1.el9
H Resource Exhaustion	<0:1.27.0-2.1.el9
H Cross-site Scripting (XSS)	<0:1.27.0-2.1.el9
H Resource Exhaustion	<0:1.27.0-2.1.el9
H Allocation of Resources Without Limits or Throttling	<0:1.27.0-2.1.el9
H CVE-2023-39321	<0:1.27.0-2.1.el9
H Cross-site Scripting (XSS)	<0:1.27.0-2.1.el9
H Cross-site Scripting (XSS)	<0:1.27.0-2.1.el9
H Resource Exhaustion	<0:1.27.0-2.1.el9
H Resource Exhaustion	<0:1.27.0-2.1.el9
H Use of a Broken or Risky Cryptographic Algorithm	<0:1.27.0-2.1.el9
H Use After Free	<0:1.27.0-2.1.el9
H CVE-2023-2728	<0:1.27.0-2.1.el9
H CVE-2023-2727	<0:1.27.0-2.1.el9
H Resource Exhaustion	<0:1.27.0-2.1.el9
H Resource Exhaustion	<0:1.27.0-3.2.el9
H Memory Leak	<0:1.26.0-4.2.el9
H Resource Exhaustion	<0:1.27.0-3.2.el9
H Improper Handling of Highly Compressed Data (Data Amplification)	<0:1.27.0-3.1.el9
H Memory Leak	<0:1.27.0-3.2.el9
H Improper Handling of Highly Compressed Data (Data Amplification)	<0:1.27.0-3.1.el9
H Improper Handling of Highly Compressed Data (Data Amplification)	<0:1.25.0-2.2.el9
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.25.0-2.2.el9
H Memory Leak	<0:1.25.0-2.2.el9
H Improper Handling of Highly Compressed Data (Data Amplification)	<0:1.28.0-3.1.el9
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.28.0-3.1.el9
H Memory Leak	<0:1.28.0-3.1.el9
H Memory Leak	<0:1.27.0-3.2.el9
H Improper Input Validation	<0:1.29.0-3.1.el9
H Improper Input Validation	<0:1.29.0-3.1.el9
H Truncation of Security-relevant Information	<0:1.28.0-3.el9
H Information Exposure	<0:1.28.0-3.el9
H Resource Exhaustion	<0:1.28.0-3.el9
H Resource Exhaustion	<0:1.28.0-3.el9
H Arbitrary Code Injection	<0:1.26.0-2.el9
M Information Exposure	<0:1.28.0-3.el9
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
H Resource Exhaustion	<0:1.27.0-2.1.el9
H Resource Exhaustion	<0:1.27.0-2.1.el9
H CVE-2023-39321	<0:1.27.0-2.1.el9
H Cross-site Scripting (XSS)	<0:1.27.0-2.1.el9
H Allocation of Resources Without Limits or Throttling	<0:1.27.0-2.1.el9
H Cross-site Scripting (XSS)	<0:1.27.0-2.1.el9
M Resource Exhaustion	<0:1.27.0-2.1.el9
H Directory Traversal	<0:1.26.0-2.el9
H Improper Handling of Unicode Encoding	<0:1.26.0-2.el9
H Improper Handling of Unicode Encoding	<0:1.26.0-2.el9
H Improper Handling of Unicode Encoding	<0:1.26.0-2.el9
H Improper Handling of Unicode Encoding	<0:1.26.0-2.el9
H Improper Handling of Unicode Encoding	<0:1.26.0-2.el9
H Resource Exhaustion	<0:1.26.0-2.el9
H Resource Exhaustion	<0:1.26.0-2.el9
M Improper Certificate Validation	<0:1.25.0-2.el9
M Incorrect Default Permissions	<0:1.25.0-2.el9
M Improper Initialization	<0:1.25.0-2.el9
M Server-Side Request Forgery (SSRF)	<0:1.25.0-2.el9
M Directory Traversal	<0:1.25.0-2.el9
M Improper Access Control	<0:1.25.0-2.el9
M Resource Exhaustion	<0:1.25.0-2.el9
M Improper Validation of Array Index	*
H Resource Exhaustion	<0:1.26.0-2.el9
H Resource Exhaustion	<0:1.26.0-2.el9
H Resource Exhaustion	*
M Algorithmic Complexity	*
M CVE-2022-41715	<0:1.25.0-2.el9
M CVE-2022-41715	<0:1.25.0-2.el9
M Allocation of Resources Without Limits or Throttling	<0:1.25.0-2.el9
M HTTP Request Smuggling	<0:1.25.0-2.el9
M HTTP Request Smuggling	<0:1.25.0-2.el9
M Directory Traversal	<0:1.25.0-2.el9
H Resource Exhaustion	<0:1.27.0-2.1.el9
M Resource Exhaustion	<0:1.25.0-2.el9
M Resource Exhaustion	<0:1.25.0-2.el9
M Information Exposure	<0:1.25.0-2.el9
M Improperly Controlled Sequential Memory Allocation	<0:1.25.0-2.el9
M HTTP Request Smuggling	<0:1.25.0-2.el9
L Insufficient Entropy	*
M Integer Overflow or Wraparound	*
M Buffer Overflow	*
H Use of a Broken or Risky Cryptographic Algorithm	<0:1.26.0-2.el9
H Use of a Broken or Risky Cryptographic Algorithm	<0:1.26.0-2.el9
M Resource Exhaustion	*
M Unchecked Return Value	*
M Incorrect Authorization	*
M Integer Overflow or Wraparound	*
M Information Exposure	*
M Race Condition	*
L Improper Input Validation	*
M Resource Exhaustion	*
M Improper Input Validation	*
M Improper Input Validation	*
M Incorrect Calculation	*
M Improper Certificate Validation	*
L Race Condition	*
L Loop with Unreachable Exit Condition ('Infinite Loop')	*
M HTTP Request Smuggling	*
H Resource Exhaustion	*
H Resource Exhaustion	*
L Improper Input Validation	*
L Improper Input Validation	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*

Vulnerability

Vulnerable Version

Resource Exhaustion