RHCOS 4 : OpenShift Container Platform 4.6.59 (RHSA-2022:4947)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4947 advisory. - cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 - credentials: Stored XSS vulnerabilities in jenkin...

RHCOS 3 : OpenShift Container Platform 3.11.715 (RHSA-2022:4999)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:4999 advisory. - cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 Note that Nessus has not tested for this issue but has inste...

RHEL 9 : conmon (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 Note that Nessus has not tested for...

RHEL 9 : cri-o (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 Note that Nessus has not tested for...

CBL Mariner 2.0 Security Update: cri-o (CVE-2022-1708)

The version of cri-o installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-1708 advisory. - A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with...

CVE-2022-1708 affecting package cri-o for versions less than 1.21.7-1

CVE-2022-1708 affecting package cri-o for versions less than 1.21.7-1. A patched version of the package is available...

Mageia: Security Advisory (MGASA-2023-0240)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated cri-o packages fix security vulnerability

Denial of service due to memory or disk exhaustion. CVE-2022-1708...

Rocky Linux 8 : container-tools:rhel8 (RLSA-2022:7457)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7457 advisory. - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 whe...

SUSE SLES15 Security Update : conmon (SUSE-SU-2022:4635-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:4635-1 advisory. - A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The...

SUSE SLES15 Security Update : conmon (SUSE-SU-2022:4607-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:4607-1 advisory. - A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The...

SUSE-SU-2022:4607-1 Security update for conmon

This update for conmon fixes the following issues: conmon was updated to version 2.1.5: don't leak syslogidentifier logging: do not read more that the buf size logging: fix error handling Makefile: Fix install for FreeBSD signal: Track changes to getsignaldescriptor in the FreeBSD version Packit:...

Security fix for the ALT Linux 10 package cri-o version 1.24.3-alt1

Nov. 24, 2022 Mikhail Gordeev 1.24.3-alt1 - 1.24.3 - Fixes: CVE-2022-1708...

Oracle Linux 8 : container-tools:4.0 (ELSA-2022-7469)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7469 advisory. buildah 1:1.24.5-2 - update to the latest content of https://github.com/containers/buildah/tree/release-1.24...

container-tools:3.0 security update

buildah 1.19.9-6 - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 https://github.com/containers/buildah/commit/6d7f496 - Related: 2061390 1.19.9-5 - update to the latest content of https://github.com/containers/buildah/tree/release-1.19...

SUSE SLES15 Security Update : conmon (SUSE-SU-2022:3896-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3896-1 advisory. - A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The...

SUSE: Security Advisory (SUSE-SU-2022:3896-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: container-tools:rhel8 security, bug fix, and enhancement update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RLSA-2022:7529 Moderate: container-tools:3.0 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 golang...

RLSA-2022:7469 Moderate: container-tools:4.0 security and bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 golang: crash in a golang.org/x/crypto/ssh server CVE-2022-27191 runc: incorrect handlin...