Search for packages
| purl | pkg:rpm/redhat/cri-o@1.24.1-11.rhaos4.11.gitb0d2ef3?arch=el8 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1n1h-e2p4-9yhs
Aliases: CVE-2022-27191 GHSA-8c26-wmh5-6g9v |
golang.org/x/crypto/ssh Denial of service via crafted Signer The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey. | There are no reported fixed by versions. |
|
VCID-n34c-71wq-s3e4
Aliases: CVE-2021-43565 GHSA-gwc9-m7rh-j2ww |
x/crypto/ssh vulnerable to panic via malformed packets The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an unauthenticated attacker to panic an SSH server. When using AES-GCM or ChaCha20Poly1305, consuming a malformed packet which contains an empty plaintext causes a panic. | There are no reported fixed by versions. |
|
VCID-ps89-8u5a-kfc8
Aliases: CVE-2022-1705 |
Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:00:59.371460+00:00 | RedHat Importer | Affected by | VCID-n34c-71wq-s3e4 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43565.json | 38.0.0 |
| 2026-04-01T13:59:13.606378+00:00 | RedHat Importer | Affected by | VCID-1n1h-e2p4-9yhs | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27191.json | 38.0.0 |
| 2026-04-01T13:57:48.701712+00:00 | RedHat Importer | Affected by | VCID-ps89-8u5a-kfc8 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1705.json | 38.0.0 |