Vulnerabilities > Linuxfoundation > Containerd > 1.2.2

DATE CVE VULNERABILITY TITLE RISK
2023-02-16 CVE-2023-25153 Allocation of Resources Without Limits or Throttling vulnerability in Linuxfoundation Containerd
containerd is an open source container runtime.
local
low complexity
linuxfoundation CWE-770
5.5
2023-02-16 CVE-2023-25173 Incorrect Authorization vulnerability in Linuxfoundation Containerd
containerd is an open source container runtime.
local
low complexity
linuxfoundation CWE-863
7.8
2022-12-07 CVE-2022-23471 Memory Leak vulnerability in Linuxfoundation Containerd
containerd is an open source container runtime.
network
low complexity
linuxfoundation CWE-401
6.5
2022-06-09 CVE-2022-31030 Resource Exhaustion vulnerability in multiple products
containerd is an open source container runtime.
5.5
2022-03-03 CVE-2022-23648 containerd is a container runtime available as a daemon for Linux and Windows.
network
low complexity
linuxfoundation debian fedoraproject
7.5
2021-10-04 CVE-2021-41103 Path Traversal vulnerability in multiple products
containerd is an open source container runtime with an emphasis on simplicity, robustness and portability.
7.8
2021-07-19 CVE-2021-32760 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
containerd is a container runtime.
network
low complexity
linuxfoundation fedoraproject CWE-732
6.3
2021-03-10 CVE-2021-21334 Exposure of Resource to Wrong Sphere vulnerability in multiple products
In containerd (an industry-standard container runtime) before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) that share the same image may receive incorrect environment variables, including values that are defined for other containers.
network
high complexity
linuxfoundation fedoraproject CWE-668
6.3
2020-12-01 CVE-2020-15257 Incorrect Resource Transfer Between Spheres vulnerability in multiple products
containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows.
5.2
2020-10-16 CVE-2020-15157 Insufficiently Protected Credentials vulnerability in multiple products
In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability.
network
high complexity
linuxfoundation canonical debian CWE-522
2.6