| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2022-31030 | AVG-2755 | Unknown | No | Denial of service | programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the ExecSync API and cause containerd to... |
| CVE-2021-41190 | AVG-2573 | Medium | Yes | Insufficient validation | In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull... |
| CVE-2021-41103 | AVG-2439 | Medium | No | Directory traversal | A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged... |
| CVE-2021-32760 | AVG-2174 | Medium | No | Directory traversal | A bug was found in containerd version prior to 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission... |
| CVE-2021-21334 | AVG-1650 | Medium | No | Information disclosure | A security issue was found in containerd before version 1.3.10 and 1.4.x before 1.4.4. Containers launched through containerd's CRI implementation (through... |
| CVE-2020-15257 | AVG-1309 | High | No | Privilege escalation | In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim's API... |