Affected by GO-2022-0344
and 11 other vulnerabilities
GO-2022-0344: containerd CRI plugin: Insecure handling of image volumes in github.com/containerd/containerd
GO-2022-0360: Ambiguous OCI manifest parsing in github.com/containerd/containerd
GO-2022-0482: containerd CRI plugin: Host memory exhaustion through ExecSync in github.com/containerd/containerd
GO-2022-0784: containerd-shim API Exposed to Host Network Containers in github.com/containerd/containerd
GO-2022-0803: containerd v1.2.x can be coerced into leaking credentials during image pull in github.com/containerd/containerd
GO-2022-0921: Archive package allows chmod of file outside of unpack target directory in github.com/containerd/containerd
GO-2022-0938: Insufficiently restricted permissions on plugin directories in github.com/containerd/containerd
GO-2022-1147: containerd CRI stream server vulnerable to host memory exhaustion via terminal in github.com/containerd/containerd
GO-2023-1573: Memory exhaustion via OCI image importer in github.com/containerd/containerd
GO-2025-3528: containerd has an integer overflow in User ID handling in github.com/containerd/containerd
GO-2025-4100: containerd affected by a local privilege escalation via wide permissions on CRI directory in github.com/containerd/containerd
GO-2025-4108: containerd CRI server: Host memory exhaustion through Attach goroutine leak in github.com/containerd/containerd
The highest tagged major version is
v2.
package
Version:
v1.2.13
Opens a new window with list of versions in this module.
Published: Feb 18, 2020
License: Apache-2.0
Opens a new window with license information.
Imports: 17
Opens a new window with list of imports.
Imported by: 256
Opens a new window with list of known importers.
Documentation
¶
Package archive provides a Docker and OCI compatible importer
AddRefPrefix prepends the given image prefix to tag-only references,
while leaving returning full references unmodified.
DigestTranslator creates a digest reference by adding the
digest to an image name
FilterRefPrefix restricts references to having the given image
prefix. Tag-only references will have the prefix prepended.
ImportIndex imports an index from a tar archive image bundle
- implements Docker v1.1, v1.2 and OCI v1.
- prefers OCI v1 when provided
- creates OCI index for Docker formats
- normalizes Docker references and adds as OCI ref name
e.g. alpine:latest -> docker.io/library/alpine:latest
- existing OCI reference names are untouched
- TODO: support option to compress layers on ingest
Source Files
¶
Click to show internal directories.
Click to hide internal directories.