VDB
GO-2023-1574
GO-2023-1574
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Privilege escalation via supplementary groups in github.com/containerd/containerd
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | containerd/containerd | 0, 1.6.0, 0 |
Timeline
- Feb 17, 2023 CVE Published
- Feb 4, 2026 CVE Updated
References
- https://github.com/containerd/containerd/security/advisories/GHSA-hmfx-3pcx-653p advisory
- https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/ article
- https://github.com/containerd/containerd/commit/133f6bb6cd827ce35a5fb279c1ead12b9d21460a patch
- https://github.com/advisories/GHSA-4wjj-jwc9-2x96 url
- https://github.com/advisories/GHSA-fjm8-m7m6-2fjp url
- https://github.com/advisories/GHSA-phjr-8j92-w5v7 url
- https://github.com/moby/moby/security/advisories/GHSA-rc4r-wh2q-q6c4 url