2 matches found
Amazon Linux 2 : cri-tools, --advisory ALAS2-2026-3236 (ALAS-2026-3236)
"The version of cri-tools installed on the remote host is prior to 1.32.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3236 advisory. The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negati...
AZL-31304 CVE-2023-44487 affecting package cri-tools for versions less than 1.28.0-2
The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...