CVSS: 8.8EPSS: 13%CPEs: 4EXPL: 1CVE-2020-15257 – containerd-shim API Exposed to Host Network Containers
https://notcve.org/view.php?id=CVE-2020-15257
01 Dec 2020 — containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim’s API socket verified that the connecting process had an effective UID of 0, but did not otherwise restrict access to the abstract Unix domain socket. This would allow malicious containers running in the same network namespace as the shim, with an effective... • https://github.com/nccgroup/abstractshimmer • CWE-269: Improper Privilege Management CWE-669: Incorrect Resource Transfer Between Spheres •
CVSS: 6.1EPSS: 0%CPEs: 13EXPL: 0CVE-2020-15157 – containerd can be coerced into leaking credentials during image pull
https://notcve.org/view.php?id=CVE-2020-15157
16 Oct 2020 — In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (otherwise known as a “foreign layer”), the default containerd resolver will follow that URL to attempt to download it. In v1.2.x but not 1.3.0 or later, the default containerd resolver will provide its authentication credentials if the server... • https://github.com/containerd/containerd/releases/tag/v1.2.14 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-522: Insufficiently Protected Credentials •