Lucene search
K

5 matches found

Snyk
Snyk
added 2026/06/19 7:35 p.m.5 views

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following in the CRI checkpoint restore plugin due to improper validation of symlinked paths. An attacker can access arbitrary files on the host by crafting a malicious checkpoint image and leveraging the...

8.2CVSS6AI score0.00208EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/06 3:12 p.m.3 views

Incorrect Execution-Assigned Permissions

Overview Affected versions of this package are vulnerable to Incorrect Execution-Assigned Permissions when initialising host directories with 711 and 755 permissions instead of 700. An attacker can gain unauthorized access to sensitive data and potentially escalate privileges by accessing...

8.5CVSS6.5AI score0.00145EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2022/06/16 7:0 a.m.3 views

containerd CRI plugin: Host memory exhaustion through ExecSync

...

5.5CVSS6AI score0.00377EPSS
Exploits0
Amazon
Amazon
added 2021/11/18 12:0 a.m.4 views

Medium: containerd

Issue Overview: A flaw was found in containerd CRI plugin. Containers launched through containerd's CRI implementation that share the same image may receive incorrect environment variables, including values that are defined for other containers. The highest threat from this vulnerability is to da...

6.3CVSS6.9AI score0.02044EPSS
Exploits0
NVD
NVD
added 2020/10/16 5:15 p.m.29 views

CVE-2020-15157

In containerd an industry-standard container runtime before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer otherwise known as a “foreign...

6.1CVSS0.02209EPSS
Exploits1References5
Rows per page
Query Builder