{"affected":[{"ecosystem_specific":{"binaries":[{"containerd":"1.5.11-16.57.1","docker":"20.10.14_ce-98.80.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Containers 12","name":"containerd","purl":"pkg:rpm/suse/containerd&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.5.11-16.57.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"containerd":"1.5.11-16.57.1","docker":"20.10.14_ce-98.80.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Containers 12","name":"docker","purl":"pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20.10.14_ce-98.80.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for containerd, docker fixes the following issues:\n\n- CVE-2022-24769: Fixed incorrect default inheritable capabilities (bsc#1197517).\n- CVE-2022-23648: Fixed directory traversal issue (bsc#1196441).\n- CVE-2021-41190: Fixed parsing confusions in OCI manifest and index (bsc#1193273).\n- CVE-2022-27191: Fixed a crash in a golang.org/x/crypto/ssh server (bsc#1197284).\n- CVE-2021-43565: Fixed a panic in golang.org/x/crypto by empty plaintext packet (bsc#1193930).\n","id":"SUSE-SU-2022:1507-1","modified":"2022-05-03T14:08:25Z","published":"2022-05-03T14:08:25Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2022/suse-su-20221507-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1192814"},{"type":"REPORT","url":"https://bugzilla.suse.com/1193273"},{"type":"REPORT","url":"https://bugzilla.suse.com/1193930"},{"type":"REPORT","url":"https://bugzilla.suse.com/1196441"},{"type":"REPORT","url":"https://bugzilla.suse.com/1197284"},{"type":"REPORT","url":"https://bugzilla.suse.com/1197517"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-41190"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-43565"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-23648"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-24769"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-27191"}],"related":["CVE-2021-41190","CVE-2021-43565","CVE-2022-23648","CVE-2022-24769","CVE-2022-27191"],"summary":"Security update for containerd, docker","upstream":["CVE-2021-41190","CVE-2021-43565","CVE-2022-23648","CVE-2022-24769","CVE-2022-27191"]}