github.com/containerd/containerd vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-53488Highgithub.com/containerd/containerd: containerd CRI — image-config `LABEL` flows to restart-monitor `binary://` logger: host-root command execution from an image pullCVE-2026-47262Mediumgithub.com/containerd/containerd/v2: containerd image-triggered runtime DoS via unbounded group parsingCVE-2026-46680Highgithub.com/containerd/containerd: containerd user ID handling bypass allows runAsNonRoot evasionCVE-2025-64329Mediumgithub.com/containerd/containerd: containerd CRI server: Host memory exhaustion through Attach goroutine leakCVE-2024-25621Highgithub.com/containerd/containerd: containerd affected by a local privilege escalation via wide permissions on CRI directoryCVE-2024-40635Mediumgithub.com/containerd/containerd/v2: containerd has an integer overflow in User ID handlingGHSA-C9CP-9C75-9V8CLowgithub.com/containerd/containerd: containerd started with non-empty inheritable Linux process capabilitiesCVE-2021-21334Mediumgithub.com/containerd/containerd: containerd environment variable leakGHSA-7WW5-4WQC-M92CMediumgithub.com/containerd/containerd: containerd allows RAPL to be accessible to a containerCVE-2023-25153Mediumgithub.com/containerd/containerd: OCI image importer memory exhaustion in github.com/containerd/containerdCVE-2023-25173Mediumgithub.com/containerd/containerd: Supplementary groups are not set up properly in github.com/containerd/containerdCVE-2022-23471Mediumgithub.com/containerd/containerd: containerd CRI stream server vulnerable to host memory exhaustion via terminalCVE-2022-31030Mediumgithub.com/containerd/containerd: containerd CRI plugin: Host memory exhaustion through ExecSyncCVE-2022-23648Highgithub.com/containerd/containerd: containerd CRI plugin: Insecure handling of image volumesCVE-2020-15157Mediumgithub.com/containerd/containerd: containerd v1.2.x can be coerced into leaking credentials during image pullCVE-2021-43816Highgithub.com/containerd/containerd: Unprivileged pod using `hostPath` can side-step active LSM when it is SELinuxGHSA-5J5W-G665-5M35Lowgithub.com/containerd/containerd: Ambiguous OCI manifest parsingCVE-2021-41103Mediumgithub.com/containerd/containerd: Insufficiently restricted permissions on plugin directoriesCVE-2021-32760Mediumgithub.com/containerd/containerd: Archive package allows chmod of file outside of unpack target directoryCVE-2020-15257Mediumgithub.com/containerd/containerd: containerd-shim API Exposed to Host Network Containers

Stop the waste.
Protect your environment with Kodem.