CVE-2026-27136 affecting package containerd2 for versions less than 2.1.6-3

CVE-2026-27136 affecting package containerd2 for versions less than 2.1.6-3. A patched version of the package is available...

CVE-2026-39821 affecting package containerd2 for versions less than 2.1.6-3

CVE-2026-39821 affecting package containerd2 for versions less than 2.1.6-3. A patched version of the package is available...

CVE-2026-42506 affecting package containerd2 for versions less than 2.1.6-3

CVE-2026-42506 affecting package containerd2 for versions less than 2.1.6-3. A patched version of the package is available...

CVE-2026-35469 affecting package containerd2 for versions less than 2.0.0-19

CVE-2026-35469 affecting package containerd2 for versions less than 2.0.0-19. A patched version of the package is available...

CVE-2025-47911 affecting package containerd2 for versions less than 2.0.0-18

CVE-2025-47911 affecting package containerd2 for versions less than 2.0.0-18. A patched version of the package is available...

CVE-2025-58190 affecting package containerd2 for versions less than 2.0.0-18

CVE-2025-58190 affecting package containerd2 for versions less than 2.0.0-18. A patched version of the package is available...

AZL-76907 CVE-2025-58190 affecting package containerd2 2.0.0-17

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

AZL-76904 CVE-2025-47911 affecting package containerd2 2.0.0-17

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

CVE-2025-64329 affecting package containerd2 for versions less than 2.0.0-16

CVE-2025-64329 affecting package containerd2 for versions less than 2.0.0-16. A patched version of the package is available...

CVE-2024-25621 affecting package containerd2 for versions less than 2.0.0-15

CVE-2024-25621 affecting package containerd2 for versions less than 2.0.0-15. A patched version of the package is available...

CVE-2025-22872 affecting package containerd2 for versions less than 2.0.0-9

CVE-2025-22872 affecting package containerd2 for versions less than 2.0.0-9. A patched version of the package is available...

CVE-2025-47291 affecting package containerd2 for versions less than 2.0.0-12

CVE-2025-47291 affecting package containerd2 for versions less than 2.0.0-12. A patched version of the package is available...

CVE-2024-40635 affecting package containerd2 for versions less than 2.0.0-8

CVE-2024-40635 affecting package containerd2 for versions less than 2.0.0-8. A patched version of the package is available...

AZL-60486 CVE-2025-22872 affecting package containerd2 for versions less than 2.0.0-9

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...

CVE-2025-27144 affecting package containerd2 for versions less than 2.0.0-6

CVE-2025-27144 affecting package containerd2 for versions less than 2.0.0-6. A patched version of the package is available...

CVE-2024-45338 affecting package containerd2 for versions less than 2.0.0-3

CVE-2024-45338 affecting package containerd2 for versions less than 2.0.0-3. A patched version of the package is available...

AZL-54546 CVE-2024-45338 affecting package containerd2 for versions less than 2.0.0-3

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...