VYPR

apk package

chainguard/cadvisor-fips

pkg:apk/chainguard/cadvisor-fips

Vulnerabilities (84)

  • CVE-2024-3154HigApr 26, 2024
    affected < 0.49.1-r5fixed 0.49.1-r5

    A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an arbitrary action on the host system.

  • CVE-2023-45288HigApr 4, 2024
    affected < 0.49.1-r4fixed 0.49.1-r4

    An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed Ma

  • CVE-2024-29018Mar 20, 2024
    affected < 0.52.1-r2fixed 0.52.1-r2

    Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be define

  • CVE-2024-24557Feb 1, 2024
    affected < 0.52.1-r2fixed 0.52.1-r2

    Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions (most important being HEALTHCHECK and ONBUILD) would not cause

Page 5 of 5