Homepage

runc vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the runc package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Use of Uninitialized Variable

*
  • M
Use of Uninitialized Variable

*
  • M
Use of Uninitialized Variable

*
  • H
Truncation of Security-relevant Information

<4:1.1.12-1.rhaos4.15.el9
  • H
Resource Exhaustion

<4:1.1.12-1.rhaos4.15.el9
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<4:1.1.12-1.1.rhaos4.15.el9
  • M
Improper Input Validation

<4:1.1.12-4.el9_4
  • L
Directory Traversal

*
  • H
Memory Leak

<4:1.1.12-3.el9_4
  • M
Information Exposure

<4:1.1.12-2.el9
  • M
Improperly Controlled Sequential Memory Allocation

<4:1.1.12-2.el9
  • M
Improperly Controlled Sequential Memory Allocation

<4:1.1.12-2.el9
  • M
Improperly Controlled Sequential Memory Allocation

<4:1.1.12-2.el9
  • H
Information Exposure

<4:1.1.12-1.el9_3
  • M
Authentication Bypass by Primary Weakness

<4:1.1.9-1.el9
  • M
Path Equivalence

<4:1.1.9-1.el9
  • M
Incorrect Default Permissions

<4:1.1.9-1.el9
  • M
Resource Exhaustion

<4:1.1.9-1.el9
  • M
Integer Overflow or Wraparound

<4:1.1.9-1.el9
  • L
Incorrect Default Permissions

<4:1.1.4-1.el9
  • M
Allocation of Resources Without Limits or Throttling

<4:1.1.9-2.el9_3
  • M
CVE-2023-39321

<4:1.1.9-2.el9_3
  • M
Resource Exhaustion

<4:1.1.9-2.el9_3
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Improper Validation of Integrity Check Value

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Resource Exhaustion

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Arbitrary Code Injection

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Misinterpretation of Input

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Improper Input Validation

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Information Exposure

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Incorrect Behavior Order

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Improper Validation of Integrity Check Value

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Resource Exhaustion

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Arbitrary Code Injection

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Misinterpretation of Input

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Improper Input Validation

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Improper Input Validation

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Information Exposure

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Incorrect Behavior Order

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Cross-site Scripting (XSS)

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Cross-site Scripting (XSS)

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Cross-site Scripting (XSS)

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Use of a Broken or Risky Cryptographic Algorithm

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Use After Free

<4:1.1.9-2.1.rhaos4.14.el9
  • H
CVE-2023-2728

<4:1.1.9-2.1.rhaos4.14.el9
  • H
CVE-2023-2727

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Cross-site Scripting (XSS)

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Allocation of Resources Without Limits or Throttling

<4:1.1.9-2.1.rhaos4.14.el9
  • H
CVE-2023-39321

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Cross-site Scripting (XSS)

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Cross-site Scripting (XSS)

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Use of a Broken or Risky Cryptographic Algorithm

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Use After Free

<4:1.1.9-2.1.rhaos4.14.el9
  • H
CVE-2023-2728

<4:1.1.9-2.1.rhaos4.14.el9
  • H
CVE-2023-2727

<4:1.1.9-2.1.rhaos4.14.el9
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el9
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<4:1.1.13-4.el9
  • H
Resource Exhaustion

<4:1.1.12-1.2.rhaos4.14.el9
  • H
Memory Leak

<4:1.1.12-1.1.rhaos4.13.el9
  • H
Memory Leak

<4:1.1.12-1.2.rhaos4.14.el9
  • H
Resource Exhaustion

<4:1.1.12-1.2.rhaos4.14.el9
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<4:1.1.12-1.1.rhaos4.15.el9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<4:1.1.12-1.1.rhaos4.15.el9
  • H
Memory Leak

<4:1.1.12-1.1.rhaos4.15.el9
  • H
Memory Leak

<4:1.1.12-3.el9_4
  • H
Memory Leak

<4:1.1.12-1.2.rhaos4.14.el9
  • M
Improper Input Validation

<4:1.1.12-4.el9_4
  • H
Improper Input Validation

<4:1.1.12-3.1.rhaos4.16.el9
  • H
Truncation of Security-relevant Information

<4:1.1.12-1.rhaos4.15.el9
  • H
Information Exposure

<4:1.1.12-1.rhaos4.15.el9
  • H
Resource Exhaustion

<4:1.1.12-1.rhaos4.15.el9
  • H
Resource Exhaustion

<4:1.1.12-1.rhaos4.15.el9
  • H
Information Exposure

<4:1.1.12-1.el9_2
  • H
Information Exposure

<4:1.1.12-1.el9_2
  • H
Information Exposure

<4:1.1.12-1.el9_2
  • H
Information Exposure

<4:1.1.12-1.el9_0
  • H
Information Exposure

<4:1.1.12-1.el9_0
  • M
Information Exposure

<4:1.1.12-1.rhaos4.13.el9
  • M
Information Exposure

<4:1.1.12-1.rhaos4.14.el9
  • M
Information Exposure

<4:1.1.12-1.rhaos4.14.el9
  • H
Information Exposure

<4:1.1.12-1.el9_3
  • M
Information Exposure

<4:1.1.12-2.el9
  • H
Information Exposure

<4:1.1.12-1.rhaos4.15.el9
  • H
CVE-2023-39321

<4:1.1.9-2.1.rhaos4.14.el9
  • M
CVE-2023-39321

<4:1.1.9-2.el9_3
  • H
Allocation of Resources Without Limits or Throttling

<4:1.1.9-2.1.rhaos4.14.el9
  • M
Allocation of Resources Without Limits or Throttling

<4:1.1.9-2.el9_3
  • M
Resource Exhaustion

<4:1.1.9-2.el9_3
  • H
Resource Exhaustion

<4:1.1.9-2.1.rhaos4.14.el9
  • L
Incorrect Default Permissions

*
  • M
Incorrect Default Permissions

<4:1.1.9-1.el9
  • M
Authentication Bypass by Primary Weakness

*
  • M
Authentication Bypass by Primary Weakness

<4:1.1.9-1.el9
  • M
Resource Exhaustion

<4:1.1.9-1.el9
  • M
Path Equivalence

<4:1.1.9-1.el9
  • M
CVE-2022-41715

*
  • M
CVE-2022-41715

*
  • M
Directory Traversal

*
  • L
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • M
Improperly Controlled Sequential Memory Allocation

*
  • M
Improperly Controlled Sequential Memory Allocation

*
  • M
Improperly Controlled Sequential Memory Allocation

*
  • M
Improperly Controlled Sequential Memory Allocation

*
  • L
Incorrect Default Permissions

<4:1.1.4-1.el9
  • L
Incorrect Default Permissions

<4:1.1.4-1.el9
  • L
Incorrect Default Permissions

*
  • L
Incorrect Default Permissions

<4:1.1.4-1.el9
  • L
Incorrect Default Permissions

<4:1.1.4-1.el9
  • L
Insufficient Entropy

*
  • L
Insufficient Entropy

*
  • M
Integer Overflow or Wraparound

*
  • M
Buffer Overflow

*
  • M
Resource Exhaustion

*
  • M
Unchecked Return Value

*
  • M
Incorrect Authorization

*
  • M
Integer Overflow or Wraparound

*
  • M
Information Exposure

*
  • M
Integer Overflow or Wraparound

<4:1.1.9-1.el9
  • H
Time-of-check Time-of-use (TOCTOU)

*
  • M
Path Equivalence

*
  • M
Path Equivalence

*
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Improper Input Validation

*