54 matches found
Medium: containerd
Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...
OPENSUSE-SU-2026:21213-1 Security update for containerd
This update for containerd fixes the following issues Update to 1.7.33: - CVE-2024-25621: overly broad default permission vulnerability bsc1253126. - CVE-2025-64329: goroutine leaks can lead to memory exhaustion on the host bsc1253132. - CVE-2026-33186: google.golang.org/grpc: authorization bypas...
SUSE SLED15 / SLES15 Security Update : containerd (SUSE-SU-2026:2639-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2639-1 advisory. This update for containerd fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization...
openSUSE Security Advisory (SUSE-SU-2026:1105-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: containerd
Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : containerd (SUSE-SU-2025:4288-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4288-1 advisory. - Update to containerd v1.7.29 - CVE-2024-25621: Fixed an overly broad default permission...
openSUSE Security Advisory (SUSE-SU-2025:4288-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2025:4288-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for containerd
This update for containerd fixes the following issues: Update to containerd v1.7.29 CVE-2024-25621: Fixed an overly broad default permission vulnerability. bsc1253126 CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. bsc1253132 Patch Instructions: To install...
Photon OS 5.0: Containerd PHSA-2025-5.0-0682
An update of the containerd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0682. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
SUSE-SU-2025:21057-1 Security update for containerd
This update for containerd fixes the following issues: - CVE-2024-25621: Fixed overly broad default permission vulnerability bsc1253126. - CVE-2025-64329: Fixed goroutine leaks can lead to memory exhaustion on the host bsc1253132...
SUSE-SU-2025:21042-1 Security update for containerd
This update for containerd fixes the following issues: Update to containerd v1.7.29: - CVE-2024-25621: Fixed overly broad default permission vulnerability bsc1253126. - CVE-2025-64329: Fixed goroutine leaks that could have led to memory exhaustion on the host bsc1253132...
SUSE: Security Advisory (SUSE-SU-2025:4072-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : containerd (SUSE-SU-2025:4072-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4072-1 advisory. - Update to containerd v1.7.29 - CVE-2024-25621: Fixed an overly broad default permission vulnerability. bsc1253126 - CVE-2025-64329: Fixed a...
Security update for containerd
This update for containerd fixes the following issues: Updated to version 1.7.27: CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for containerd
This update for containerd fixes the following issues: Updated containerd to v1.7.27. CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2025:20216-1 Security update for containerd
This update for containerd fixes the following issues: - Updated containerd to v1.7.27. - CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749...
openSUSE Security Advisory (SUSE-SU-2025:1345-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for containerd
This update for containerd fixes the following issues: CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749 Other fixes: - Update to containerd v1.7.27. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Medium: containerd
Issue Overview: containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container...