93 matches found
CVE-2026-39821 affecting package cri-tools for versions less than 1.32.0-6
CVE-2026-39821 affecting package cri-tools for versions less than 1.32.0-6. A patched version of the package is available...
CVE-2026-27136 affecting package cri-tools for versions less than 1.32.0-6
CVE-2026-27136 affecting package cri-tools for versions less than 1.32.0-6. A patched version of the package is available...
CVE-2026-42506 affecting package cri-tools for versions less than 1.32.0-6
CVE-2026-42506 affecting package cri-tools for versions less than 1.32.0-6. A patched version of the package is available...
CVE-2026-42502 affecting package cri-tools for versions less than 1.32.0-6
CVE-2026-42502 affecting package cri-tools for versions less than 1.32.0-6. A patched version of the package is available...
CVE-2026-25681 affecting package cri-tools for versions less than 1.32.0-6
CVE-2026-25681 affecting package cri-tools for versions less than 1.32.0-6. A patched version of the package is available...
CVE-2026-25680 affecting package cri-tools for versions less than 1.32.0-6
CVE-2026-25680 affecting package cri-tools for versions less than 1.32.0-6. A patched version of the package is available...
Amazon Linux 2 : cri-tools, --advisory ALAS2-2026-3310 (ALAS-2026-3310)
The version of cri-tools installed on the remote host is prior to 1.32.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3310 advisory. Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta...
Important: cri-tools
Issue Overview: Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escapi...
CVE-2026-35469 affecting package cri-tools for versions less than 1.32.0-5
CVE-2026-35469 affecting package cri-tools for versions less than 1.32.0-5. A patched version of the package is available...
cri-tools-1.36.0-1.1 on GA media (moderate)
cri-tools-1.36.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10690-1 Rating: moderate Cross-References: CVE-2026-33186 CVSS scores: CVE-2026-33186 SUSE : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2026-33186 SUSE : 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:...
OPENSUSE-SU-2026:10690-1 cri-tools-1.36.0-1.1 on GA media
These are all security issues fixed in the cri-tools-1.36.0-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-37364
These are all security issues fixed in the cri-tools-1.36.0-1.1 package on the GA media of openSUSE Tumbleweed...
Amazon Linux 2 : cri-tools, --advisory ALAS2-2026-3236 (ALAS-2026-3236)
"The version of cri-tools installed on the remote host is prior to 1.32.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3236 advisory. The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negati...
CVE-2026-32285 vulnerabilities
Vulnerabilities for packages: nfpm, lazygit, cri-tools, loki, grafana-alloy, dagger, dgraph, terraform-mcp-server, minio, rclone, terragrunt, eksctl, k3s, weaviate, k8sgpt, mcp-grafana, ollama, opentelemetry-collector, prometheus, datadog-agent, tempo, redpanda, maru, grafana, malcontent, nuclei,...
CVE-2025-58190 affecting package cri-tools for versions less than 1.32.0-4
CVE-2025-58190 affecting package cri-tools for versions less than 1.32.0-4. A patched version of the package is available...
CVE-2025-47911 affecting package cri-tools for versions less than 1.32.0-4
CVE-2025-47911 affecting package cri-tools for versions less than 1.32.0-4. A patched version of the package is available...
CVE-2025-47911 affecting package cri-tools for versions less than 1.29.0-9
CVE-2025-47911 affecting package cri-tools for versions less than 1.29.0-9. A patched version of the package is available...
CVE-2025-58190 affecting package cri-tools for versions less than 1.29.0-9
CVE-2025-58190 affecting package cri-tools for versions less than 1.29.0-9. A patched version of the package is available...
AZL-76851 CVE-2025-58190 affecting package cri-tools for versions less than 1.29.0-9
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-76919 CVE-2025-58190 affecting package cri-tools 1.32.0-3
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...