Lucene search
+L

32 matches found

OSV
OSV
added 2026/07/09 12:49 p.m.4 views

OESA-2026-2893 containerd security update

containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

9.4CVSS6.2AI score0.00317EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/07/02 11:34 p.m.2 views

github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin

A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface CRI plugin, which manages container operations, fails to validate labels propagated from an image configuration to a container. This oversight could enable an attacker to execute arbitrary commands o...

9.4CVSS6.2AI score0.00203EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/02 11:34 p.m.3 views

github.com/containerd/containerd: containerd: Arbitrary code execution via CRI checkpoint image tag poisoning

A flaw was found in containerd, an open-source container runtime. The CRI Container Runtime Interface checkpoint import process fails to validate image references within a checkpoint image's configuration. An attacker with permissions to create pods can exploit this by using a specially crafted...

9.9CVSS6.4AI score0.00354EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 9:13 a.m.3 views

github.com/containerd/containerd: containerd: Arbitrary host file read via symlink following in CRI checkpoint restore

A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface CRI plugin incorrectly restores container logs from a checkpoint image. This vulnerability, categorized as a Path Traversal CWE-61, allows an attacker to read arbitrary files on the host system by...

8.2CVSS6.1AI score0.00208EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 6:43 p.m.6 views

GO-2026-5338 containerd: CRI checkpoint import allows local image tag poisoning in github.com/containerd/containerd

containerd: CRI checkpoint import allows local image tag poisoning in github.com/containerd/containerd...

9.9CVSS5.8AI score0.00354EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/19 7:35 p.m.5 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization during the CRI checkpoint restore. An attacker can gain unauthorized access to resources by injecting arbitrary Container Device Interface CDI annotations into checkpoint image metadata, which are then trusted an...

9.6CVSS6AI score0.00412EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/09 3:24 p.m.3 views

github.com/containerd/containerd: containerd: Arbitrary host file read via symlink following in CRI checkpoint restore

A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface CRI plugin incorrectly restores container logs from a checkpoint image. This vulnerability, categorized as a Path Traversal CWE-61, allows an attacker to read arbitrary files on the host system by...

8.2CVSS6.1AI score0.00208EPSS
Exploits0References5
Fedora
Fedora
added 2025/11/22 1:37 a.m.8 views

[SECURITY] Fedora 43 Update: cri-o1.34-1.34.2-1.fc43

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

7.5CVSS7AI score0.00626EPSS
Exploits0
Fedora
Fedora
added 2025/11/22 1:37 a.m.9 views

[SECURITY] Fedora 43 Update: cri-o1.32-1.32.10-1.fc43

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

7.5CVSS7AI score0.00626EPSS
Exploits0
Fedora
Fedora
added 2025/11/22 1:19 a.m.8 views

[SECURITY] Fedora 42 Update: cri-o1.34-1.34.2-1.fc42

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

7.5CVSS7AI score0.00626EPSS
Exploits0
Fedora
Fedora
added 2025/11/22 1:19 a.m.9 views

[SECURITY] Fedora 42 Update: cri-o1.32-1.32.10-1.fc42

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

7.5CVSS7AI score0.00626EPSS
Exploits0
Fedora
Fedora
added 2025/11/22 1:17 a.m.8 views

[SECURITY] Fedora 41 Update: cri-o1.32-1.32.10-1.fc41

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

7.5CVSS7AI score0.00626EPSS
Exploits0
Fedora
Fedora
added 2025/11/22 1:17 a.m.8 views

[SECURITY] Fedora 41 Update: cri-o1.34-1.34.2-1.fc41

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

7.5CVSS7AI score0.00626EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/11/08 9:8 a.m.8 views

containerd affected by a local privilege escalation via wide permissions on CRI directory

...

7.8CVSS6.7AI score0.00159EPSS
Exploits1
OSV
OSV
added 2025/11/06 6:36 p.m.5 views

CVE-2024-25621 containerd affected by a local privilege escalation via wide permissions on CRI directory

containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...

7.3CVSS6.8AI score0.00159EPSS
Exploits1References5
Fedora
Fedora
added 2025/10/11 1:3 a.m.8 views

[SECURITY] Fedora 41 Update: cri-o1.33-1.33.5-1.fc41

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

6.5CVSS7AI score0.00489EPSS
Exploits1
Fedora
Fedora
added 2025/10/11 1:3 a.m.6 views

[SECURITY] Fedora 41 Update: cri-o1.31-1.31.13-1.fc41

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

6.5CVSS7AI score0.00489EPSS
Exploits1
Fedora
Fedora
added 2025/10/11 12:58 a.m.7 views

[SECURITY] Fedora 42 Update: cri-o1.32-1.32.9-1.fc42

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

6.5CVSS7AI score0.00489EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-21334

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In containerd an industry-standard container runtime before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation through...

6.3CVSS6.2AI score0.02044EPSS
Exploits0References2
Fedora
Fedora
added 2025/04/11 6:32 p.m.14 views

[SECURITY] Fedora 42 Update: cri-tools1.29-1.29.0-11.fc42

CLI and validation tools for Kubelet Container Runtime Interface CRI...

4.4CVSS7.5AI score0.00393EPSS
Exploits2
Rows per page
Query Builder