Search CVE reports
11 – 20 of 23 results
Some fixes available 5 of 6
containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the...
1 affected package
containerd
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| containerd | — | Fixed | Fixed | Fixed |
Some fixes available 16 of 33
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
14 affected packages
golang-1.13, golang-1.18, golang-golang-x-net, google-guest-agent, containerd...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang-1.13 | Not in release | Fixed | Fixed | Fixed |
| golang-1.18 | Not in release | Fixed | Fixed | Fixed |
| golang-golang-x-net | Not affected | Vulnerable | Not in release | Not in release |
| google-guest-agent | Fixed | Fixed | Fixed | Needs evaluation |
| containerd | Not affected | Not affected | Not affected | Not affected |
| golang-golang-x-net-dev | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.10 | — | Not in release | Not in release | Vulnerable |
| golang-1.14 | — | Not in release | Vulnerable | Not in release |
| golang-1.16 | — | Not in release | Fixed | Fixed |
| golang-1.17 | — | Vulnerable | Not in release | Not in release |
| golang-1.6 | — | Not in release | Not in release | Not in release |
| golang-1.8 | — | Not in release | Not in release | Vulnerable |
| golang-1.9 | — | Not in release | Not in release | Vulnerable |
| golang | — | Not in release | Not in release | Not in release |
Some fixes available 3 of 5
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function...
1 affected package
containerd
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| containerd | Not affected | Fixed | Fixed | Fixed |
Some fixes available 4 of 6
Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby (Docker Engine) prior to version 20.10.14 where containers were incorrectly started with...
1 affected package
containerd
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| containerd | Not affected | Fixed | Fixed | Fixed |
containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd’s CRI implementation on Linux...
1 affected package
containerd
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| containerd | — | Fixed | Fixed | Fixed |
Some fixes available 4 of 5
containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if...
1 affected package
containerd
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| containerd | Not affected | Fixed | Fixed | Fixed |
Some fixes available 10 of 12
containerd is an open source container runtime. On installations using SELinux, such as EL8 (CentOS, RHEL), Fedora, or SUSE MicroOS, with containerd since v1.5.0-beta.0 as the backing container runtime interface (CRI), an...
1 affected package
containerd
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| containerd | Fixed | Fixed | Fixed | Fixed |
Some fixes available 10 of 19
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to...
3 affected packages
docker.io, containerd, docker-registry
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| docker.io | Not affected | Not affected | Not affected | Vulnerable |
| containerd | Fixed | Fixed | Fixed | Fixed |
| docker-registry | Not affected | Not affected | Not affected | Not affected |
containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions,...
1 affected package
containerd
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| containerd | — | Fixed | Fixed | Fixed |
containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in...
1 affected package
containerd
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| containerd | — | Fixed | Fixed | Fixed |