rpm package
opensuse/containerd&distro=openSUSE Leap 15.4
pkg:rpm/opensuse/containerd&distro=openSUSE%20Leap%2015.4
Vulnerabilities (10)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-25173 | — | | | < 1.6.19-150000.87.1 | 1.6.19-150000.87.1 | Feb 16, 2023 | containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group acces |
| CVE-2023-25153 | — | | | < 1.6.19-150000.87.1 | 1.6.19-150000.87.1 | Feb 16, 2023 | containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of se |
| CVE-2022-23471 | — | | | < 1.6.12-150000.79.1 | 1.6.12-150000.79.1 | Dec 7, 2022 | containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to |
| CVE-2021-43565 | — | | | < 1.5.11-150000.68.1 | 1.5.11-150000.68.1 | Sep 6, 2022 | The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server. |
| CVE-2022-31030 | — | | | < 1.6.6-150000.73.2 | 1.6.6-150000.73.2 | Jun 6, 2022 | containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the `ExecSync` API. This can cause containerd to consume a |
| CVE-2022-1996 | — | | | < 1.7.8-150000.103.1 | 1.7.8-150000.103.1 | Jun 6, 2022 | Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0. |
| CVE-2022-29162 | — | | | < 1.6.6-150000.73.2 | 1.6.6-150000.73.2 | May 17, 2022 | runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environme |
| CVE-2022-24769 | — | | | < 1.5.11-150000.68.1 | 1.5.11-150000.68.1 | Mar 24, 2022 | Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby (Docker Engine) prior to version 20.10.14 where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atyp |
| CVE-2022-27191 | — | | | < 1.5.11-150000.68.1 | 1.5.11-150000.68.1 | Mar 18, 2022 | The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey. |
| CVE-2022-23648 | — | | | < 1.5.11-150000.68.1 | 1.5.11-150000.68.1 | Mar 3, 2022 | containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd’s CRI implementation on Linux with a specially-crafted image configuration could |