Affected by GO-2022-0344
and 7 other vulnerabilities
GO-2022-0344 : containerd CRI plugin: Insecure handling of image volumes in github.com/containerd/containerd
GO-2022-0360 : Ambiguous OCI manifest parsing in github.com/containerd/containerd
GO-2022-0482 : containerd CRI plugin: Host memory exhaustion through ExecSync in github.com/containerd/containerd
GO-2022-0784 : containerd-shim API Exposed to Host Network Containers in github.com/containerd/containerd
GO-2022-0803 : containerd v1.2.x can be coerced into leaking credentials during image pull in github.com/containerd/containerd
GO-2022-0921 : Archive package allows chmod of file outside of unpack target directory in github.com/containerd/containerd
GO-2022-0938 : Insufficiently restricted permissions on plugin directories in github.com/containerd/containerd
GO-2022-1147 : containerd CRI stream server vulnerable to host memory exhaustion via terminal in github.com/containerd/containerd
The highest tagged major version is
v2 .
Discover Packages
github.com/containerd/containerd
contrib
seccomp
package
Version:
v1.1.1-rc.1
Opens a new window with list of versions in this module.
Published: Jun 18, 2018
License: Apache-2.0
Opens a new window with license information.
Imports: 9
Opens a new window with list of imports.
Imported by: 122
Opens a new window with list of known importers.
Documentation
Documentation
¶
func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp
DefaultProfile defines the whitelist for the default seccomp profile.
WithDefaultProfile sets the default seccomp profile to the spec.
Note: must follow the setting of process capabilities
WithProfile receives the name of a file stored on disk comprising a json
formated seccomp profile, as specified by the opencontainers/runtime-spec.
The profile is read from the file, unmarshaled, and set to the spec.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.