CVSS3: 5.5 Medium
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVSS2: 1.9 Low
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL
AV:L/AC:M/Au:N/C:N/I:N/A:P

EPSS: 0.0004 Low
Percentile: 8.0%

github.com/containerd/containerd is vulnerable to Denial of Service (DoS). The vulnerability exists because the onUntarJSON function in importer.go does not properly limit the number of bytes read for specific files when importing an OCI image, allowing an attacker to cause an application crash through a maliciously crafted image.
github.com/containerd/containerd/commit/0c314901076a74a7b797a545d2f462285fdbb8c4
github.com/containerd/containerd/commit/959e1cf9602f3b7a71bdca7b6344b40e00504730
github.com/containerd/containerd/commit/9e4acc02807a012a51f68afef41f189a350a16cd
github.com/containerd/containerd/releases/tag/v1.5.18
github.com/containerd/containerd/releases/tag/v1.6.18
github.com/containerd/containerd/security/advisories/GHSA-259w-8hf6-59c2
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/v3.17/community.yaml