containerd

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description An open and reliable container runtime
Version 1.5.7-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2439 1.5.6-1 1.5.7-1 Medium Fixed
AVG-2174 1.5.2-1 1.5.4-1 Medium Fixed
AVG-1650 1.4.3-1 1.4.4-1 Medium Fixed
AVG-1309 1.4.2-2 1.4.3-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2021-41103 AVG-2439 Medium No Directory traversal
A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged...
CVE-2021-32760 AVG-2174 Medium No Directory traversal
A bug was found in containerd version prior to 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission...
CVE-2021-21334 AVG-1650 Medium No Information disclosure
A security issue was found in containerd before version 1.3.10 and 1.4.x before 1.4.4. Containers launched through containerd's CRI implementation (through...
CVE-2020-15257 AVG-1309 High No Privilege escalation
In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim's API...

Advisories

Date Advisory Group Severity Type
27 Jul 2021 ASA-202107-70 AVG-2174 Medium directory traversal
05 Dec 2020 ASA-202012-8 AVG-1309 High privilege escalation