pkg:Go/github.com/cri-o/cri-o

All known vulnerabilities

• HIGH8.8CVE-2022-0811Code Injection in CRI-O in github.com/cri-o/cri-o
  >= 1.19.0, < 1.19.6
• HIGH8.8CVE-2022-0811Code Injection in CRI-O in github.com/cri-o/cri-o
  >= 1.19.0, < 1.19.6, >= 1.20.0, < 1.20.7, >= 1.21.0, < 1.21.6, >= 1.22.0, < 1.22.3, >= 1.23.0, < 1.23.2
• HIGH8.1CVE-2024-5154malicious container creates symlink "mtab" on the host External in github.com/cri-o/cri-o
  >= 1.28.6, < 1.28.7, >= 1.29.4, < 1.29.5, >= 1.30.0, < 1.30.1
• HIGH8.1malicious container creates symlink "mtab" on the host External in github.com/cri-o/cri-o
  >= 1.28.6, < 1.28.7
• HIGH7.5Node DOS by way of memory exhaustion through ExecSync request in CRI-O in github.com/cri-o/cri-o
  >= 1.24.0, < 1.24.1
• HIGH7.5Node DOS by way of memory exhaustion through ExecSync request in CRI-O in github.com/cri-o/cri-o
  from 0, < 1.22.5, >= 1.23.0, < 1.23.3, >= 1.24.0, < 1.24.1
• HIGH7.4CRI-O: Maliciously structured checkpoint file can gain arbitrary node access in github.com/cri-o/cri-o
  from 0, < 1.29.11
• HIGH7.4CRI-O: Maliciously structured checkpoint file can gain arbitrary node access in github.com/cri-o/cri-o
  from 0, < 1.29.11, >= 1.30.0, < 1.30.8, >= 1.31.0, < 1.31.3
• HIGH7.2CRI-O vulnerable to an arbitrary systemd property injection in github.com/cri-o/cri-o
  >= 1.29.0, < 1.29.4
• HIGH7.2CRI-O vulnerable to an arbitrary systemd property injection in github.com/cri-o/cri-o
  from 0, < 1.27.6, >= 1.28.0, < 1.28.6, >= 1.29.0, < 1.29.4
• HIGH7.1CRI-O incorrect handling of supplementary groups may lead to sensitive information disclosure in github.com/cri-o/cri-o
  from 0, < 1.25.0
• HIGH7.1CRI-O incorrect handling of supplementary groups may lead to sensitive information disclosure in github.com/cri-o/cri-o
  from 0, < 1.25.0
• MEDIUM6.6CRI-O Path Traversal vulnerability in github.com/cri-o/cri-o
  from 0
• MEDIUM6.6CRI-O Path Traversal vulnerability in github.com/cri-o/cri-o
  from 0, <= 1.33.0
• MEDIUM6.5CRI-O's pods can break out of resource confinement on cgroupv2 in github.com/cri-o/cri-o
  >= 1.29.0, < 1.29.1
• MEDIUM6.5CRI-O's pods can break out of resource confinement on cgroupv2 in github.com/cri-o/cri-o
  from 0, < 1.27.3, >= 1.28.0, < 1.28.3, >= 1.29.0, < 1.29.1
• MEDIUM6.1CRI-O vulnerable to /etc/passwd tampering resulting in Privilege Escalation in github.com/cri-o/cri-o
  from 0, < 1.26.0
• MEDIUM6.1CRI-O vulnerable to /etc/passwd tampering resulting in Privilege Escalation in github.com/cri-o/cri-o
  from 0, < 1.26.0
• MEDIUM5.7CRI-O has Potential High Memory Consumption from File Read in github.com/cri-o/cri-o
  from 0, <= 1.33.3
• MEDIUM5.7CRI-O has Potential High Memory Consumption from File Read in github.com/cri-o/cri-o
  from 0
• MEDIUM4.8Incorrect Default Permissions in CRI-O in github.com/cri-o/cri-o
  from 0, < 1.24.0
• MEDIUM4.8Incorrect Default Permissions in CRI-O in github.com/cri-o/cri-o
  from 0, < 1.24.0
• MEDIUM4.2Incorrect Permission Assignment for Critical Resource in CRI-O in github.com/cri-o/cri-o
  from 0, < 1.23.1
• MEDIUM4.2Incorrect Permission Assignment for Critical Resource in CRI-O in github.com/cri-o/cri-o
  from 0, < 1.23.1