HIGH🇬🇧 English

CVE-2026-53489

CVSS 8.2v4.0pub. 2026-07-01upd. 2026-07-02

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue has been fixed in versions 2.3.2, 2.2.5 and 2.1.9.

oryginał EN
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Linuxfoundation Containerd

    APP
    Linuxfoundation
    2.1.0 – 2.1.9 (bez)2.2.0 – 2.2.5 (bez)2.3.0 – 2.3.2 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Container
CWE
Referencje

Powiązane podatności

CVE-2026-53488CRITICAL9.4ten sam produkt

containerd is an open-source container runtime. In versions prior to 1.7.33, 2.3.2, 2.2.5, 2.1.9, and 2.0.10 t...

CVE-2026-46680HIGH7.3ten sam produkt

containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, container...

CVE-2026-53492HIGH8.4ten sam produkt

containerd is an open-source container runtime. In Versions prior to 2.3.2, 2.2.5 and 2.1.9, the CRI implement...

CVE-2024-25621HIGH7.3ten sam produkt

containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1...

CVE-2025-47290HIGH7.6ten sam produkt

containerd is a container runtime. A time-of-check to time-of-use (TOCTOU) vulnerability was found in containe...

CVE-2026-53489 — HIGH 8.2 | CVEbaza.pl