Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:rpm/redhat/cri-o@1.9.16-5.git858756d?arch=el7
purl pkg:rpm/redhat/cri-o@1.9.16-5.git858756d?arch=el7
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-at1e-t3kt-17bg
Aliases:
CVE-2019-10214
GHSA-85p9-j7c9-v4gr
containers/image library Insufficiently Protects Credentials The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens. There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T14:16:30.243891+00:00 RedHat Importer Affected by VCID-at1e-t3kt-17bg https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10214.json 38.0.0