4 matches found
CVE-2026-46680
A flaw was found in containerd, an open-source container runtime. Containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username. This vulnerability allows a crafted container image to bypass the Kubernetes runAsNonRoot restrictio...
OPENSUSE-SU-2026:21213-1 Security update for containerd
This update for containerd fixes the following issues Update to 1.7.33: - CVE-2024-25621: overly broad default permission vulnerability bsc1253126. - CVE-2025-64329: goroutine leaks can lead to memory exhaustion on the host bsc1253132. - CVE-2026-33186: google.golang.org/grpc: authorization bypas...
PT-2026-42700
Name of the Vulnerable Software and Affected Versions containerd versions prior to 2.3.1 containerd versions prior to 2.2.4 containerd versions prior to 2.0.9 containerd versions prior to 1.7.32 Description An input validation error exists where containers launched with a numeric User directive...
`runAsNonRoot` logic bypass for Windows containers
A security issue was discovered in Kubernetes that could allow Windows workloads to run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true. This issue has been rated low and assigned CVE-2021-25749 Am I vulnerable? All Kubernetes clusters with following...