Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linuxfoundation containerd vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-25153
containerd is an open source container runtime. prior to 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. ...
Linuxfoundation Containerd
5.5
CVSSv3
CVE-2022-31030
containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the `ExecSync` API. This can cause containerd to cons...
Linuxfoundation Containerd
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
5.2
CVSSv3
CVE-2020-15257
containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd prior to 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim’s API socket verified that...
Linuxfoundation Containerd
Fedoraproject Fedora 33
Debian Debian Linux 10.0
11 Github repositories
1 Article
5
CVSSv3
CVE-2021-41190
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operat...
Linuxfoundation Open Container Initiative Image Format Specification
Linuxfoundation Open Container Initiative Distribution Specification
Fedoraproject Fedora 34
Fedoraproject Fedora 35
2.5
CVSSv3
CVE-2023-32684
Lima launches Linux virtual machines, typically on macOS, for running containerd. Prior to version 0.16.0, a virtual machine instance with a malicious disk image could read a single file on the host filesystem, even when no filesystem is mounted from the host. The official templa...
Linuxfoundation Lima
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2