containerd vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the containerd package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
L GHSA-pwhc-rpq9-4c8w	<2.1.5-r0
L GHSA-m6hq-p25p-ffr2	<2.1.5-r0
H Incorrect Authorization	<1.6.18-r0
M Allocation of Resources Without Limits or Throttling	<1.6.18-r0
M Memory Leak	<1.6.12-r0
H CVE-2022-23648	<1.6.1-r0
H Directory Traversal	<1.5.7-r0
M Exposure of Resource to Wrong Sphere	<1.5.4-r0
H Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')	<1.3.3-r0
H Improper Certificate Validation	<1.3.3-r0
M Incorrect Resource Transfer Between Spheres	<1.4.3-r0
H Use of Incorrectly-Resolved Name or Reference	<1.3.3-r0
M Time-of-check Time-of-use (TOCTOU)	<2.1.1-r0
M Access of Resource Using Incompatible Type ('Type Confusion')	<1.5.8-r0
C Improper Preservation of Permissions	<1.5.9-r0
M Incorrect Permission Assignment for Critical Resource	<1.6.2-r0
M Resource Exhaustion	<1.6.6-r0
H Improper Certificate Validation	<1.3.3-r0
H Interpretation Conflict	<1.3.1-r0
H Incorrect Authorization	<1.3.0-r0
H Allocation of Resources Without Limits or Throttling	<1.2.9-r0
M Exposure of Resource to Wrong Sphere	<1.4.4-r0
H Always-Incorrect Control Flow Implementation	<1.2.6-r0
H Allocation of Resources Without Limits or Throttling	<1.2.9-r0
H Resource Exhaustion	<1.2.9-r0