Lucene search
K

841 matches found

RedhatCVE
RedhatCVE
added 2026/07/02 12:47 p.m.6 views

CVE-2026-47262

A flaw was found in containerd, an open-source container runtime. A remote attacker could exploit this vulnerability by providing a maliciously crafted image. When a container is created from this image, it leads to uncontrolled resource consumption and memory exhaustion, causing the containerd...

6.5CVSS5.8AI score0.00317EPSS
Exploits0References4
CVE
CVE
added 2026/07/01 6:10 p.m.48 views

CVE-2026-53489

CVE-2026-53489 affects containerd CRI: when checkpoint restore occurs, the CRI plugin may read a host file by following a symlink for container.log. Vulnerable versions are prior to 2.3.2, 2.2.5 and 2.1.9. Impact described as arbitrary host file read via kubectl logs, with LOCAL attack potential ...

8.2CVSS5.9AI score0.00208EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/07/01 2:52 p.m.20 views

CVE-2026-53488

A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface CRI plugin, which manages container operations, fails to validate labels propagated from an image configuration to a container. This oversight could enable an attacker to execute arbitrary commands o...

9.4CVSS6.1AI score0.00203EPSS
Exploits0References4
NVD
NVD
added 2026/07/01 2:17 a.m.7 views

CVE-2026-53488

containerd is an open-source container runtime. In versions prior to 1.7.33, 2.3.2, 2.2.5, 2.1.9, and 2.0.10 the CRI plugin propagates labels from an image config LABEL instruction in Dockerfile to a container without validation. This may result in executing an arbitrary command on the host, via ...

9.4CVSS0.00203EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 12:11 a.m.92 views

CVE-2026-53488

CVE-2026-53488 affects containerd’s CRI plugin: image config LABELs are propagated to containers without validation, enabling potential host-command execution via a plugin that consumes labels. Concrete details across connected docs confirm this vulnerability in containerd versions prior to 1.7.3...

9.4CVSS5.9AI score0.00203EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2026/07/01 12:11 a.m.6 views

CVE-2026-53488

containerd is an open-source container runtime. In versions prior to 1.7.33, 2.3.2, 2.2.5, 2.1.9, and 2.0.10 the CRI plugin propagates labels from an image config LABEL instruction in Dockerfile to a container without validation. This may result in executing an arbitrary command on the host, via ...

9.4CVSS5.9AI score0.00203EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.43 views

Containerd 1.7.x < 1.7.33 / 2.0.x < 2.0.10 / 2.1.x < 2.1.9 / 2.2.x < 2.2.5 / 2.3.x < 2.3.2 Multiple Vulnerabilities

The version of Containerd on the remote host is 1.7.x prior to 1.7.33, 2.0.x prior to 2.0.10, 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.5, or 2.3.x prior to 2.3.2. It is, therefore, affected by multiple vulnerabilities: - A vulnerability in containerd allows a maliciously crafted image to cause a...

9.4CVSS6.1AI score0.00317EPSS
Exploits0References4
OSV
OSV
added 2026/06/19 7:35 p.m.9 views

GHSA-RGH6-RFWX-V388 Arbitrary host CRI log file read via symlink following in CRI checkpoint restore

Impact A bug was found in containerd where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. Patches This bug has been fixed in the following containerd versions: 2.3.2...

7.1CVSS6AI score0.00208EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/19 7:35 p.m.10 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview github.com/containerd/containerd/pkg/cri/server is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer an...

9.4CVSS6.3AI score0.00203EPSS
Exploits0References2
OSV
OSV
added 2026/06/19 7:35 p.m.6 views

GHSA-CVXM-645Q-P574 containerd: CRI checkpoint import allows local image tag poisoning

Impact containerd's CRI checkpoint import process contains a vulnerability where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods can use a crafted checkpoint image to force containerd to pull a malicious...

5.6CVSS6.3AI score0.00354EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.18 views

PT-2026-51057

Name of the Vulnerable Software and Affected Versions containerd versions prior to 2.1.9 containerd versions prior to 2.2.5 containerd versions prior to 2.3.2 Description A bug in the CRI plugin allows the restoration of container.log from a checkpoint image without validating a symlinked path...

9.9CVSS6AI score0.00412EPSS
Exploits0References42
The Hacker News
The Hacker News
added 2026/06/04 11:19 a.m.16 views

FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads

Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. According to Palo Alto Networks Unit 42, the campaign is said to be the next stage of a previously reported activity cluster dubbed...

6.1AI score
Exploits0
CBLMariner
CBLMariner
added 2026/05/30 3:37 a.m.12 views

CVE-2026-27136 affecting package cri-tools for versions less than 1.32.0-6

CVE-2026-27136 affecting package cri-tools for versions less than 1.32.0-6. A patched version of the package is available...

6.1CVSS5.8AI score0.00178EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/05/30 3:37 a.m.11 views

CVE-2026-25680 affecting package cri-tools for versions less than 1.32.0-6

CVE-2026-25680 affecting package cri-tools for versions less than 1.32.0-6. A patched version of the package is available...

6.5CVSS5.8AI score0.00248EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/05/30 3:37 a.m.13 views

CVE-2026-25681 affecting package cri-tools for versions less than 1.32.0-6

CVE-2026-25681 affecting package cri-tools for versions less than 1.32.0-6. A patched version of the package is available...

6.1CVSS5.8AI score0.00178EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/05/30 3:37 a.m.14 views

CVE-2026-39821 affecting package cri-tools for versions less than 1.32.0-6

CVE-2026-39821 affecting package cri-tools for versions less than 1.32.0-6. A patched version of the package is available...

9.6CVSS5.8AI score0.00478EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/05/30 3:37 a.m.11 views

CVE-2026-42506 affecting package cri-tools for versions less than 1.32.0-6

CVE-2026-42506 affecting package cri-tools for versions less than 1.32.0-6. A patched version of the package is available...

6.1CVSS5.8AI score0.00188EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/05/30 3:37 a.m.14 views

CVE-2026-42502 affecting package cri-tools for versions less than 1.32.0-6

CVE-2026-42502 affecting package cri-tools for versions less than 1.32.0-6. A patched version of the package is available...

6.1CVSS5.8AI score0.00178EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/27 3:51 a.m.4 views

SUSE CVE-2024-5154

A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal “../“. This flaw allows the container to read and write to arbitrary files on the host system...

8.1CVSS7.3AI score0.01237EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.13 views

Amazon Linux 2 : cri-tools, --advisory ALAS2-2026-3310 (ALAS-2026-3310)

The version of cri-tools installed on the remote host is prior to 1.32.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3310 advisory. Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta...

7.5CVSS5.9AI score0.00813EPSS
Exploits0References14
Rows per page
Query Builder