Affected by GO-2022-0278
and 6 other vulnerabilities
GO-2022-0278: Unprivileged pod using `hostPath` can side-step active LSM when it is SELinux in github.com/containerd/containerd
GO-2022-0344: containerd CRI plugin: Insecure handling of image volumes in github.com/containerd/containerd
GO-2022-0360: Ambiguous OCI manifest parsing in github.com/containerd/containerd
GO-2022-0482: containerd CRI plugin: Host memory exhaustion through ExecSync in github.com/containerd/containerd
GO-2022-0921: Archive package allows chmod of file outside of unpack target directory in github.com/containerd/containerd
GO-2022-0938: Insufficiently restricted permissions on plugin directories in github.com/containerd/containerd
GO-2022-1147: containerd CRI stream server vulnerable to host memory exhaustion via terminal in github.com/containerd/containerd
The highest tagged major version is
v2.
package
Version:
v1.5.1
Opens a new window with list of versions in this module.
Published: May 13, 2021
License: Apache-2.0
Opens a new window with license information.
Imports: 11
Opens a new window with list of imports.
Imported by: 148
Opens a new window with list of known importers.
Click to show internal directories.
Click to hide internal directories.