containerd

Direct Vulnerabilities

Known vulnerabilities in the containerd package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
Link Following

<0:2.2.4-1.amzn2023.0.3
  • H
Improper Validation of Unsafe Equivalence in Input

<0:2.2.4-1.amzn2023.0.3
  • H
Reliance on Untrusted Inputs in a Security Decision

<0:2.2.4-1.amzn2023.0.3
  • H
Allocation of Resources Without Limits or Throttling

<0:2.2.4-1.amzn2023.0.3
  • H
OS Command Injection

<0:2.2.4-1.amzn2023.0.3
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:2.2.4-1.amzn2023.0.2
  • H
Cross-site Scripting (XSS)

<0:2.2.4-1.amzn2023.0.2
  • H
Excessive Platform Resource Consumption within a Loop

<0:2.2.4-1.amzn2023.0.2
  • H
Improper Validation of Unsafe Equivalence in Input

<0:2.2.4-1.amzn2023.0.2
  • H
Cross-site Scripting (XSS)

<0:2.2.4-1.amzn2023.0.2
  • H
Cross-site Scripting (XSS)

<0:2.2.4-1.amzn2023.0.2
  • H
Incorrect Type Conversion or Cast

<0:2.2.4-1.amzn2023.0.1
  • H
Improper Preservation of Permissions

<0:2.2.4-1.amzn2023.0.1
  • H
Improper Validation of Specified Type of Input

<0:2.2.4-1.amzn2023.0.1
  • H
Improper Enforcement of Message Integrity During Transmission in a Communication Channel

<0:2.2.4-1.amzn2023.0.1
  • H
Integer Overflow or Wraparound

<0:2.2.4-1.amzn2023.0.1
  • H
NULL Pointer Dereference

<0:2.2.4-1.amzn2023.0.1
  • H
Improper Preservation of Permissions

<0:2.2.4-1.amzn2023.0.1
  • H
Improper Validation of Specified Quantity in Input

<0:2.2.4-1.amzn2023.0.1
  • H
Missing Authorization

<0:2.2.4-1.amzn2023.0.1
  • H
Improperly Implemented Security Check for Standard

<0:2.2.4-1.amzn2023.0.1
  • H
Improper Certificate Validation

<0:2.2.4-1.amzn2023.0.1
  • H
Incorrect Implementation of Authentication Algorithm

<0:2.2.4-1.amzn2023.0.1
  • H
Missing Release of Resource after Effective Lifetime

<0:2.2.4-1.amzn2023.0.1
  • H
Improper Validation of Unsafe Equivalence in Input

<0:2.2.3-1.amzn2023.0.2
  • H
Cross-site Scripting (XSS)

<0:2.2.3-1.amzn2023.0.2
  • H
Creation of Immutable Text Using String Concatenation

<0:2.2.3-1.amzn2023.0.2
  • H
External Control of Assumed-Immutable Web Parameter

<0:2.2.3-1.amzn2023.0.2
  • H
Unchecked Input for Loop Condition

<0:2.2.3-1.amzn2023.0.2
  • H
CVE-2026-33811

<0:2.2.3-1.amzn2023.0.2
  • H
Unchecked Input for Loop Condition

<0:2.2.3-1.amzn2023.0.2
  • H
Uncontrolled Memory Allocation

<0:2.2.3-1.amzn2023.0.1
  • H
Expected Behavior Violation

<0:2.2.3-1.amzn2023.0.1
  • H
Allocation of Resources Without Limits or Throttling

<0:2.2.3-1.amzn2023.0.1
  • H
Time-of-check Time-of-use (TOCTOU)

<0:2.2.3-1.amzn2023.0.1
  • H
Allocation of Resources Without Limits or Throttling

<0:2.2.3-1.amzn2023.0.1
  • H
Excessive Platform Resource Consumption within a Loop

<0:2.2.3-1.amzn2023.0.1
  • H
Incorrect Calculation of Buffer Size

<0:2.2.3-1.amzn2023.0.1
  • H
Multiple Locks of a Critical Resource

<0:2.2.3-1.amzn2023.0.1
  • H
Cross-site Scripting (XSS)

<0:2.2.3-1.amzn2023.0.1
  • H
Compiler Optimization Removal or Modification of Security-critical Code

<0:2.2.3-1.amzn2023.0.1
  • H
Directory Traversal

<0:2.2.1-1.amzn2023.0.2
  • H
Incorrect Behavior Order: Authorization Before Parsing and Canonicalization

<0:2.2.1-1.amzn2023.0.2
  • H
Improper Validation of Syntactic Correctness of Input

<0:2.2.1-1.amzn2023.0.2
  • H
Cross-site Scripting (XSS)

<0:2.2.1-1.amzn2023.0.2
  • M
Allocation of Resources Without Limits or Throttling

<0:2.1.5-1.amzn2023.0.5
  • M
CVE-2025-68121

<0:2.1.5-1.amzn2023.0.5
  • M
Missing Required Cryptographic Step

<0:2.1.5-1.amzn2023.0.5
  • M
Allocation of Resources Without Limits or Throttling

<0:2.1.5-1.amzn2023.0.5
  • M
Improper Certificate Validation

<0:2.1.5-1.amzn2023.0.3
  • M
Excessive Platform Resource Consumption within a Loop

<0:2.1.5-1.amzn2023.0.3
  • M
Missing Reference to Active Allocated Resource

<0:2.1.5-1.amzn2023.0.1
  • M
Incorrect Execution-Assigned Permissions

<0:2.1.5-1.amzn2023.0.1
  • H
CVE-2025-58186

<0:2.1.4-1.amzn2023.0.2
  • H
Improper Output Neutralization for Logs

<0:2.1.4-1.amzn2023.0.2
  • H
Creation of Immutable Text Using String Concatenation

<0:2.1.4-1.amzn2023.0.2
  • H
Allocation of Resources Without Limits or Throttling

<0:2.1.4-1.amzn2023.0.2
  • H
Reachable Assertion

<0:2.1.4-1.amzn2023.0.2
  • H
Improper Validation of Syntactic Correctness of Input

<0:2.1.4-1.amzn2023.0.2
  • H
Allocation of Resources Without Limits or Throttling

<0:2.1.4-1.amzn2023.0.2
  • H
Allocation of Resources Without Limits or Throttling

<0:2.1.4-1.amzn2023.0.2
  • H
Allocation of Resources Without Limits or Throttling

<0:2.1.4-1.amzn2023.0.2
  • H
Allocation of Resources Without Limits or Throttling

<0:2.1.4-1.amzn2023.0.2
  • M
Improper Certificate Validation

<0:2.0.5-1.amzn2023.0.2
  • M
CVE-2025-4673

<0:2.0.5-1.amzn2023.0.2
  • H
HTTP Request Smuggling

<0:1.7.27-1.amzn2023.0.3
  • M
Allocation of Resources Without Limits or Throttling

<0:1.7.27-1.amzn2023.0.2
  • M
Integer Overflow or Wraparound

<0:1.7.27-1.amzn2023.0.1
  • H
Improper Authorization

<0:1.7.25-1.amzn2023.0.1
  • M
Misinterpretation of Input

<0:1.7.20-1.amzn2023.0.1
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.7.20-1.amzn2023.0.1
  • M
Resource Exhaustion

<0:1.7.11-1.amzn2023.0.1
  • H
Allocation of Resources Without Limits or Throttling

<0:1.7.11-1.amzn2023.0.1
  • H
Resource Exhaustion

<0:1.7.11-1.amzn2023.0.1
  • H
Resource Exhaustion

<0:1.7.2-1.amzn2023.0.4
  • M
Placement of User into Incorrect Group

<0:1.7.2-1.amzn2023.0.1
  • H
HTTP Response Splitting

<0:1.7.2-1.amzn2023.0.2
  • M
Resource Exhaustion

<0:1.7.2-1.amzn2023.0.3
  • H
Exposure of Resource to Wrong Sphere

<0:1.7.2-1.amzn2023.0.2
  • M
Placement of User into Incorrect Group

<0:1.6.19-1.amzn2023.0.1
  • M
Memory Leak

<0:1.6.19-1.amzn2023.0.1
  • M
Resource Exhaustion

<0:1.6.19-1.amzn2023.0.1
  • M
CVE-2022-36109

<0:1.6.8-2.amzn2023.0.3
  • M
Resource Exhaustion

<0:1.6.8-2.amzn2023.0.3
  • M
Files or Directories Accessible to External Parties

<0:1.6.8-2.amzn2023.0.3
  • M
Incorrect Default Permissions

<0:1.6.8-2.amzn2023.0.3