Containerd
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Containerd.
By the Year
In 2026 there have been 0 vulnerabilities in Containerd. Last year, in 2025 Containerd had 1 security vulnerability published. Right now, Containerd is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 7.30 |
It may take a day or so for new Containerd vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Containerd Security Vulnerabilities
containerd Default Perms Leak (v <1.7.29 or <2.0.7) CVE-2024-25621
CVE-2024-25621
7.3 - High
- November 06, 2025
containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.
Incorrect Execution-Assigned Permissions
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Containerd or by Containerd? Click the Watch button to subscribe.
