VYPR

rpm package

almalinux/crun

pkg:rpm/almalinux/crun

Vulnerabilities (93)

  • CVE-2026-30892Mar 25, 2026
    affected < 1.27-1.el9_7fixed 1.27-1.el9_7

    crun is an open source OCI Container Runtime fully written in C. In versions 1.19 through 1.26, the `crun exec` option `-u` (`--user`) is incorrectly parsed. The value `1` is interpreted as UID 0 and GID 0 when it should have been UID 1 and GID 0. The process thus runs with hig

  • CVE-2025-68121CriFeb 5, 2026
    affected < 1.14.3-2.module_el8.10.0+4120+03ad4b47fixed 1.14.3-2.module_el8.10.0+4120+03ad4b47

    During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and

  • CVE-2025-61728Jan 28, 2026
    affected < 1.14.3-2.module_el8.10.0+4120+03ad4b47fixed 1.14.3-2.module_el8.10.0+4120+03ad4b47

    archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously constructed ZIP archive.

  • CVE-2025-61726Jan 28, 2026
    affected < 1.14.3-2.module_el8.10.0+4120+03ad4b47fixed 1.14.3-2.module_el8.10.0+4120+03ad4b47

    The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a la

  • CVE-2025-65637Dec 4, 2025
    affected < 1.14.3-2.module_el8.10.0+4120+03ad4b47fixed 1.14.3-2.module_el8.10.0+4120+03ad4b47

    A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is

  • CVE-2025-61729Dec 2, 2025
    affected < 1.14.3-2.module_el8.10.0+4120+03ad4b47fixed 1.14.3-2.module_el8.10.0+4120+03ad4b47

    Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a

  • CVE-2025-47913Nov 13, 2025
    affected < 1.14.3-2.module_el8.10.0+3858+6ad51f9ffixed 1.14.3-2.module_el8.10.0+3858+6ad51f9f

    SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.

  • CVE-2025-52881Nov 6, 2025
    affected < 1.14.3-2.module_el8.10.0+3845+87b84552fixed 1.14.3-2.module_el8.10.0+3845+87b84552

    runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts (we have

  • CVE-2025-52565Nov 6, 2025
    affected < 1.14.3-2.module_el8.10.0+3845+87b84552fixed 1.14.3-2.module_el8.10.0+3845+87b84552

    runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the conta

  • CVE-2025-31133Nov 6, 2025
    affected < 1.14.3-2.module_el8.10.0+3845+87b84552fixed 1.14.3-2.module_el8.10.0+3845+87b84552

    runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container

  • CVE-2025-9566HigSep 5, 2025
    affected < 1.14.3-2.module_el8.10.0+3845+87b84552fixed 1.14.3-2.module_el8.10.0+3845+87b84552

    There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only

  • CVE-2025-6032HigJun 24, 2025
    affected < 1.14.3-2.module_el8.10.0+3845+87b84552fixed 1.14.3-2.module_el8.10.0+3845+87b84552

    A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.

  • CVE-2025-22871CriApr 8, 2025
    affected < 1.14.3-2.module_el8.10.0+3845+87b84552fixed 1.14.3-2.module_el8.10.0+3845+87b84552

    The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

  • CVE-2025-22869Feb 26, 2025
    affected < 1.14.3-2.module_el8.10.0+3845+87b84552fixed 1.14.3-2.module_el8.10.0+3845+87b84552

    SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.

  • CVE-2024-11218HigJan 22, 2025
    affected < 1.14.3-2.module_el8.10.0+3845+87b84552fixed 1.14.3-2.module_el8.10.0+3845+87b84552

    A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and d

  • CVE-2024-9676Oct 15, 2024
    affected < 1.14.3-2.module_el8.10.0+3845+87b84552fixed 1.14.3-2.module_el8.10.0+3845+87b84552

    A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned

  • CVE-2024-9675Oct 9, 2024
    affected < 1.14.3-2.module_el8.10.0+3845+87b84552fixed 1.14.3-2.module_el8.10.0+3845+87b84552

    A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as lo

  • CVE-2024-9407MedOct 1, 2024
    affected < 1.14.3-2.module_el8.10.0+3845+87b84552fixed 1.14.3-2.module_el8.10.0+3845+87b84552

    A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensi

  • CVE-2024-9341Oct 1, 2024
    affected < 1.14.3-2.module_el8.10.0+3845+87b84552fixed 1.14.3-2.module_el8.10.0+3845+87b84552

    A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting se

  • CVE-2024-34158HigSep 6, 2024
    affected < 1.14.3-2.module_el8.10.0+3845+87b84552fixed 1.14.3-2.module_el8.10.0+3845+87b84552

    Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

Page 1 of 5