rpm package
suse/containerd&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
pkg:rpm/suse/containerd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-64329 | — | < 1.7.29-150000.128.1 | 1.7.29-150000.128.1 | Nov 7, 2025 | containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks | ||
| CVE-2024-25621 | — | < 1.7.29-150000.128.1 | 1.7.29-150000.128.1 | Nov 6, 2025 | containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd | ||
| CVE-2023-45288 | Hig | 7.5 | < 1.7.17-150000.111.3 | 1.7.17-150000.111.3 | Apr 4, 2024 | An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed Ma | |
| CVE-2023-47108 | — | < 1.7.21-150000.117.1 | 1.7.21-150000.117.1 | Nov 10, 2023 | OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality. | ||
| CVE-2023-45142 | — | < 1.7.21-150000.117.1 | 1.7.21-150000.117.1 | Oct 12, 2023 | OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels `http.user_agent` and `http.method` that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests | ||
| CVE-2022-23471 | — | < 1.6.16-150000.82.2 | 1.6.16-150000.82.2 | Dec 7, 2022 | containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to | ||
| CVE-2022-1996 | — | < 1.7.8-150000.103.1 | 1.7.8-150000.103.1 | Jun 6, 2022 | Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0. |
- CVE-2025-64329Nov 7, 2025affected < 1.7.29-150000.128.1fixed 1.7.29-150000.128.1
containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks
- CVE-2024-25621Nov 6, 2025affected < 1.7.29-150000.128.1fixed 1.7.29-150000.128.1
containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd
- affected < 1.7.17-150000.111.3fixed 1.7.17-150000.111.3
An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed Ma
- CVE-2023-47108Nov 10, 2023affected < 1.7.21-150000.117.1fixed 1.7.21-150000.117.1
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality.
- CVE-2023-45142Oct 12, 2023affected < 1.7.21-150000.117.1fixed 1.7.21-150000.117.1
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels `http.user_agent` and `http.method` that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests
- CVE-2022-23471Dec 7, 2022affected < 1.6.16-150000.82.2fixed 1.6.16-150000.82.2
containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to
- CVE-2022-1996Jun 6, 2022affected < 1.7.8-150000.103.1fixed 1.7.8-150000.103.1
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.