Search CVE reports
1 – 10 of 34 results
[Unknown description]
3 affected packages
containerd, containerd-app, containerd-stable
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| containerd | Not affected | Not affected | Not affected | Not affected | Not affected |
| containerd-app | Fixed | Fixed | Fixed | Not affected | — |
| containerd-stable | Fixed | Not in release | Not in release | — | — |
[Unknown description]
3 affected packages
containerd, containerd-app, containerd-stable
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| containerd | Not affected | Not affected | Not affected | Not affected | Not affected |
| containerd-app | Fixed | Fixed | Fixed | Not affected | — |
| containerd-stable | Fixed | Not in release | Not in release | — | — |
Some fixes available 12 of 13
[Unknown description]
3 affected packages
containerd, containerd-app, containerd-stable
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| containerd | Fixed | Fixed | Fixed | Fixed | Fixed |
| containerd-app | Fixed | Fixed | Fixed | Fixed | — |
| containerd-stable | Fixed | Not in release | Not in release | — | — |
[Unknown description]
3 affected packages
containerd, containerd-app, containerd-stable
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| containerd | Not affected | Not affected | Not affected | Not affected | Not affected |
| containerd-app | Fixed | Fixed | Fixed | Not affected | — |
| containerd-stable | Fixed | Not in release | Not in release | — | — |
Some fixes available 12 of 13
[Unknown description]
3 affected packages
containerd, containerd-app, containerd-stable
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| containerd | Fixed | Fixed | Fixed | Fixed | Fixed |
| containerd-app | Fixed | Fixed | Fixed | Fixed | — |
| containerd-stable | Fixed | Not in release | Not in release | — | — |
Some fixes available 5 of 30
When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.
7 affected packages
adsys, containerd, golang-golang-x-net, golang-golang-x-net-dev, google-guest-agent...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| adsys | Fixed | Fixed | Fixed | Fixed | — |
| containerd | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| golang-golang-x-net | Vulnerable | Vulnerable | Vulnerable | — | — |
| golang-golang-x-net-dev | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
| google-guest-agent | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| juju-core | Not in release | Not in release | Not in release | — | — |
| lxd | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
7 affected packages
adsys, containerd, golang-golang-x-net, golang-golang-x-net-dev, google-guest-agent...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| adsys | Fixed | Not affected | Not affected | Not affected | — |
| containerd | Not affected | Not affected | Not affected | Not affected | Not affected |
| golang-golang-x-net | Not affected | Not affected | Not affected | — | — |
| golang-golang-x-net-dev | Not in release | Not in release | Not in release | Not affected | Not affected |
| google-guest-agent | Not affected | Not affected | Not affected | Not affected | Not affected |
| juju-core | Not in release | Not in release | Not in release | — | — |
| lxd | Not in release | Not in release | Not in release | Not affected | Not affected |
Some fixes available 8 of 10
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.
7 affected packages
adsys, containerd, golang-golang-x-net, golang-golang-x-net-dev, google-guest-agent...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| adsys | Not affected | Not affected | Not affected | Not affected | — |
| containerd | Not affected | Not affected | Not affected | Not affected | Not affected |
| golang-golang-x-net | Vulnerable | Fixed | Fixed | — | — |
| golang-golang-x-net-dev | Not in release | Not in release | Not in release | Fixed | Fixed |
| google-guest-agent | Not affected | Not affected | Not affected | Not affected | Not affected |
| juju-core | Not in release | Not in release | Not in release | — | — |
| lxd | Not in release | Not in release | Not in release | Not affected | Fixed |
Some fixes available 8 of 10
The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.
7 affected packages
adsys, containerd, golang-golang-x-net, golang-golang-x-net-dev, google-guest-agent...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| adsys | Not affected | Not affected | Not affected | Not affected | — |
| containerd | Not affected | Not affected | Not affected | Not affected | Not affected |
| golang-golang-x-net | Vulnerable | Fixed | Fixed | — | — |
| golang-golang-x-net-dev | Not in release | Not in release | Not in release | Fixed | Fixed |
| google-guest-agent | Not affected | Not affected | Not affected | Not affected | Not affected |
| juju-core | Not in release | Not in release | Not in release | — | — |
| lxd | Not in release | Not in release | Not in release | Not affected | Fixed |
Some fixes available 10 of 12
containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can...
2 affected packages
containerd, containerd-app
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| containerd | Not affected | Fixed | Fixed | Fixed | Fixed |
| containerd-app | Not affected | Fixed | Fixed | Fixed | — |