CVE-2021-32760
- EPSS 0.14%
- Veröffentlicht 19.07.2021 21:15:07
- Zuletzt bearbeitet 21.11.2024 06:07:41
containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem...
CVE-2021-21334
- EPSS 0.31%
- Veröffentlicht 10.03.2021 22:15:12
- Zuletzt bearbeitet 21.11.2024 05:48:02
In containerd (an industry-standard container runtime) before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) ...
CVE-2020-15257
- EPSS 11.15%
- Veröffentlicht 01.12.2020 03:15:11
- Zuletzt bearbeitet 21.11.2024 05:05:12
containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the ...
CVE-2020-15157
- EPSS 0.85%
- Veröffentlicht 16.10.2020 17:15:11
- Zuletzt bearbeitet 21.11.2024 05:04:57
In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a sp...