GO-2022-0278
and 6 other vulnerabilities
GO-2022-0278 : Unprivileged pod using `hostPath` can side-step active LSM when it is SELinux in github.com/containerd/containerd
GO-2022-0344 : containerd CRI plugin: Insecure handling of image volumes in github.com/containerd/containerd
GO-2022-0360 : Ambiguous OCI manifest parsing in github.com/containerd/containerd
GO-2022-0482 : containerd CRI plugin: Host memory exhaustion through ExecSync in github.com/containerd/containerd
GO-2022-0921 : Archive package allows chmod of file outside of unpack target directory in github.com/containerd/containerd
GO-2022-0938 : Insufficiently restricted permissions on plugin directories in github.com/containerd/containerd
GO-2022-1147 : containerd CRI stream server vulnerable to host memory exhaustion via terminal in github.com/containerd/containerd
The highest tagged major version is
v2 .
Discover Packages
github.com/containerd/containerd
contrib
seccomp
package
Version:
v1.5.3
Opens a new window with list of versions in this module.
Published: Jul 13, 2021
License: Apache-2.0
Opens a new window with license information.
Imports: 8
Opens a new window with list of imports.
Imported by: 122
Opens a new window with list of known importers.
Documentation
¶
Rendered for
linux/amd64
windows/amd64
darwin/amd64
js/wasm
func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp
DefaultProfile defines the allowed syscalls for the default seccomp profile.
WithDefaultProfile sets the default seccomp profile to the spec.
Note: must follow the setting of process capabilities
WithProfile receives the name of a file stored on disk comprising a json
formatted seccomp profile, as specified by the opencontainers/runtime-spec.
The profile is read from the file, unmarshaled, and set to the spec.
¶
Click to show internal directories.
Click to hide internal directories.
Affected by 
The highest tagged major version is
Documentation
¶
Source Files