containerd
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | An open and reliable container runtime |
| Version | 1.5.7-1 [community] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2439 | 1.5.6-1 | 1.5.7-1 | Medium | Fixed | |
| AVG-2174 | 1.5.2-1 | 1.5.4-1 | Medium | Fixed | |
| AVG-1650 | 1.4.3-1 | 1.4.4-1 | Medium | Fixed | |
| AVG-1309 | 1.4.2-2 | 1.4.3-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-41103 | AVG-2439 | Medium | No | Directory traversal | A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged... |
| CVE-2021-32760 | AVG-2174 | Medium | No | Directory traversal | A bug was found in containerd version prior to 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission... |
| CVE-2021-21334 | AVG-1650 | Medium | No | Information disclosure | A security issue was found in containerd before version 1.3.10 and 1.4.x before 1.4.4. Containers launched through containerd's CRI implementation (through... |
| CVE-2020-15257 | AVG-1309 | High | No | Privilege escalation | In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim's API... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 27 Jul 2021 | ASA-202107-70 | AVG-2174 | Medium | directory traversal |
| 05 Dec 2020 | ASA-202012-8 | AVG-1309 | High | privilege escalation |