
52 matches found

Tenable Nessus
added 2026/05/06 12:0 a.m. | 4 views

RHCOS 3 : OpenShift Container Platform 3.9 cri-o (RHSA-2019:3812)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:3812 advisory. - containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure...

CVSS 6.4 | AI score 5.8 | EPSS 0.0041
Exploits: 0 | References: 5

Tenable Nessus
added 2026/05/06 12:0 a.m. | 8 views

RHCOS 4 : OpenShift Container Platform 4.7.45 (RHSA-2022:0870)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0870 advisory. - cri-o: pod with access to 'hostIPC' and 'hostNetwork' kernel namespace allows sysctl from the list of safe sysctls to be applied t...

CVSS 9 | AI score 7.7 | EPSS 0.22766
Exploits: 0 | References: 6

Tenable Nessus
added 2026/05/06 12:0 a.m. | 4 views

RHCOS 4 : OpenShift Container Platform 4.1.17 cri-o (RHSA-2019:2825)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:2825 advisory. - containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure...

CVSS 6.4 | AI score 5.8 | EPSS 0.0041
Exploits: 0 | References: 5

Tenable Nessus
added 2026/05/06 12:0 a.m. | 5 views

RHCOS 4 : OpenShift Container Platform 4.9.25 (RHSA-2022:0860)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:0860 advisory. - CRI-O: Arbitrary code execution in cri-o via abusing kernel.corepattern kernel parameter CVE-2022-0811 Note that Nessus has not tested for...

CVSS 9 | AI score 6.5 | EPSS 0.22766
Exploits: 0 | References: 5

Tenable Nessus
added 2026/05/04 12:0 a.m. | 4 views

RHCOS 4 : OpenShift Container Platform 4.9.38 (RHSA-2022:4972)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4972 advisory. - cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 Note that Nessus has not tested for this issue but has inste...

CVSS 7.8 | AI score 6.9 | EPSS 0.00464
Exploits: 1 | References: 5

Tenable Nessus
added 2026/05/04 12:0 a.m. | 2 views

RHCOS 4 : OpenShift Container Platform 4.13.43 (RHSA-2024:3496)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3496 advisory. - cri-o: Arbitrary command injection via pod annotation CVE-2024-3154 Note that Nessus has not tested for this issue but has instead relied...

CVSS 7.2 | AI score 6.4 | EPSS 0.00369
Exploits: 0 | References: 4

Tenable Nessus
added 2026/05/04 12:0 a.m. | 2 views

RHCOS 4 : OpenShift Container Platform 4.15.17 (RHSA-2024:3676)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3676 advisory. - cri-o: malicious container can create symlink on host CVE-2024-5154 Note that Nessus has not tested for this issue but has instead relied...

CVSS 8.1 | AI score 7.3 | EPSS 0.01705
Exploits: 0 | References: 4

Tenable Nessus
added 2026/05/04 12:0 a.m. | 8 views

RHCOS 4 : OpenShift Container Platform 4.13.53 (RHSA-2024:8690)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8690 advisory. - Podman: Buildah: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library CVE-2024-9341 - buildah: Build...

CVSS 8.2 | AI score 7.1 | EPSS 0.01561
Exploits: 0 | References: 14

Tenable Nessus
added 2026/01/20 12:0 a.m. | 8 views

MiracleLinux 8 : container-tools:rhel8 (AXSA:2022-4425:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4425:01 advisory. golang: net/http/httputil: panic due to racy read of persistConn after handler panic CVE-2021-36221 cri-o: memory exhaustion on the node when access...

CVSS 7.8 | AI score 7.1 | EPSS 0.00464
Exploits: 2 | References: 7

Tenable Nessus
added 2025/11/20 12:0 a.m. | 4 views

TencentOS Server 3: conmon (TSSA-2022:0258)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0258 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVSS 7.8 | AI score 7.3 | EPSS 0.00464
Exploits: 1 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2024-50452

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 7 | EPSS 0.01561
Exploits: 0 | References: 21

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-0171

Malicious code in bioql PyPI...

CVSS 6.6 | AI score 6.7 | EPSS 0.00054
Exploits: 0 | References: 5

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-7601

Malicious code in bioql PyPI...

CVSS 7.8 | AI score 7 | EPSS 0.00042
Exploits: 0 | References: 9

Tenable Nessus
added 2025/10/02 12:0 a.m. | 1 view

Fedora 44 : cri-o1.33 (2025-7bc36fec81)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-7bc36fec81 advisory. Automatic update for cri-o1.33-1.33.5-1.fc44. Changelog Thu Oct 2 2025 Bradley G Smith - 1.33.5-1 - Update to release v1.33.5 - Resolves: rhbz233335...

CVSS 6.5 | AI score 7.4 | EPSS 0.00069
Exploits: 1 | References: 4

NVD
added 2025/08/20 1:15 p.m. | 3 views

CVE-2025-4437

There's a vulnerability in the CRI-O application where when container is launched with securityContext.runAsUser specifying a non-existent user, CRI-O attempts to create the user, reading the container's entire /etc/passwd file into memory. If this file is excessively large, it can cause the a hi...

CVSS 5.7 | EPSS 0.00069
Exploits: 0 | References: 2

CBLMariner
added 2025/05/05 3:9 p.m. | 10 views

CVE-2024-9676 affecting package cri-o for versions less than 1.22.3-14

CVE-2024-9676 affecting package cri-o for versions less than 1.22.3-14. A patched version of the package is available...

CVSS 6.5 | AI score 7.1 | EPSS 0.01561
Exploits: 0

IBM Security Bulletins
added 2025/04/29 2:37 a.m. | 24 views

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a cri-o security vulnerability (CVE-2024-5154)

Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability found in the cri-o component which could allow an attacker to send a specially crafted URL request containing "dot dot" sequences /../ to read and write arbitrary files on the system. Vulnerability Details CVEID:...

CVSS 8.1 | AI score 8.1 | EPSS 0.01705
Exploits: 0 | Affected Software: 1

CBLMariner
added 2025/04/22 9:13 p.m. | 7 views

CVE-2023-49568 affecting package cri-o for versions less than 1.22.3-12

CVE-2023-49568 affecting package cri-o for versions less than 1.22.3-12. A patched version of the package is available...

CVSS 7.5 | AI score 7 | EPSS 0.00112
Exploits: 0

OSV
added 2025/02/24 11:15 p.m. | 4 views

AZL-57111 CVE-2025-27144 affecting package cri-o 1.30.1-1

Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption JWE, JSON Web Signature JWS, and JSON Web Token JWT standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE...

CVSS 8.7 | AI score 6.7 | EPSS 0.00152
Exploits: 0 | References: 1

RedHat Linux
added 2025/02/11 11:42 a.m. | 10 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.16 security update

Red Hat OpenShift Container Platform release 4.17.16 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

CVSS 6.6 | AI score 6.8 | EPSS 0.00054
Exploits: 0 | References: 2