EUVD-2023-0722

Malicious code in bioql PyPI...

EulerOS 2.0 SP13 : docker-engine (EulerOS-SA-2025-1685)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers...

Important: containerd

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

EulerOS 2.0 SP11 : containerd (EulerOS-SA-2025-1648)

According to the versions of the containerd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers...

Huawei EulerOS: Security Advisory for containerd (EulerOS-SA-2025-1580)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : docker (ALASDOCKER-2025-066)

The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-066 advisory. containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 wher...

CVE-2025-47291

containerd is an open-source container runtime. A bug was found in the containerd's CRI implementation where containerd, starting in version 2.0.1 and prior to version 2.0.5, doesn't put usernamespaced containers under the Kubernetes' cgroup hierarchy, therefore some Kubernetes limits are not...

[SECURITY] [DLA 4153-1] containerd security update

Debian LTS Advisory DLA-4153-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson May 04, 2025 https://wiki.debian.org/LTS Package : containerd Version : 1.4.13ds1-1deb11u5 CVE ID : CVE-2024-40635 Debian Bug : 1100806 containerd is a container runtime. A bug was...

Debian dla-4153 : containerd - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4153 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4153-1 [email protected] https://www.debian.org/lts/security/...

Updated docker-containerd packages fix security vulnerability

containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as roo...

OESA-2025-1349 containerd security update

containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

Ubuntu: Security Advisory (USN-7374-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : containerd vulnerability (USN-7374-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7374-1 advisory. Benjamin Koltermann discovered that containerd incorrectly handled large user id values. This could result...

CVE-2024-40635

CVE-2024-40635 affects containerd. A bug allows containers launched with a UID:GID that exceeds the 32‑bit signed integer max to overflow, causing the container to run as root (UID 0). Fixed in containerd releases: 1.6.38, 1.7.27, and 2.0.4. Workarounds include using only trusted images and restr...

CVE-2024-40635

containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as roo...

GO-2022-1147 containerd CRI stream server vulnerable to host memory exhaustion via terminal in github.com/containerd/containerd

containerd CRI stream server vulnerable to host memory exhaustion via terminal in github.com/containerd/containerd...

SUSE-SU-2024:0799-1 Security update for containerd

This update for containerd fixes the following issues: - CVE-2022-1996: Fixed CORS bypass bsc1200528...

Security Bulletin: IBM Cloud Kubernetes Service is affected by a containerd security vulnerability (CVE-2024-21626)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability found in the runc component shipped with containerd where an attacker could gain unauthorized access to the host filesystem CVE-2024-21626. Vulnerability Details CVEID: CVE-2024-21626 Description: Open Container Initiati...

Ubuntu 16.04 ESM : containerd vulnerabilities (USN-5521-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5521-1 advisory. It was discovered that containerd insufficiently restricted permissions on container root and plugin directories. If a user or automated system were...

SUSE-SU-2023:3817-2 Security update for containerd

This update of containerd fixes the following issues: - rebuild the package with the go 1.21 security release bsc1212475...