Auth bypass in Containerd
CVE-2026-53492
containerd is an open-source container runtime. In Versions prior to 2.3.2, 2.2.5 and 2.1.9, the CRI implementation improperly trusts Container Device Interface (CDI) annotations found within untrusted checkpoint image metadata during cont…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
Affected products
- Containerd — versions >= 2.1.0, < 2.1.9, >= 2.2.0, < 2.2.5, >= 2.3.0, < 2.3.2
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)