Cri-o
This hub aggregates every CVE we track for Cri-o, a product in the cloud saas space. Use it to gauge the current risk picture and drill into individual advisories.
5
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
HIGH3MEDIUM2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 5 most recently published vulnerabilities affecting Cri-o.
- CVE-2022-1708A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the out...7.5
- CVE-2022-0811A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container...8.8
- CVE-2022-0532An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. The sysctls from the list of "safe" sysctls specified for the cluster will be applied to the host if an attacker i...4.2
- CVE-2019-14891A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon) processes being killed if a workload pro...5.0
- CVE-2018-1000400Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error (CWE-270) vulnerability in the handling of ambient capabilities that can result in containers running with elevate...8.8
Product normalization is registry-driven with AI assist and human review. How it works