{"id":"GO-2022-0784","summary":"containerd-shim API Exposed to Host Network Containers in github.com/containerd/containerd","details":"containerd-shim API Exposed to Host Network Containers in github.com/containerd/containerd","aliases":["CVE-2020-15257","GHSA-36xw-fx78-c5r4"],"modified":"2026-02-04T02:49:36.891619Z","published":"2024-08-21T15:28:59Z","related":["CGA-f722-2cc3-m9qg"],"database_specific":{"review_status":"UNREVIEWED","url":"https://pkg.go.dev/vuln/GO-2022-0784"},"references":[{"type":"ADVISORY","url":"https://github.com/containerd/containerd/security/advisories/GHSA-36xw-fx78-c5r4"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15257"},{"type":"FIX","url":"https://github.com/containerd/containerd/commit/4a4bb851f5da563ff6e68a83dc837c7699c469ad"},{"type":"WEB","url":"https://github.com/containerd/containerd/releases/tag/v1.4.3"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNKXLOLZWO5FMAPX63ZL7JNKTNNT5NQD"},{"type":"WEB","url":"https://research.nccgroup.com/2020/12/10/abstract-shimmer-cve-2020-15257-host-networking-is-root-equivalent-again"},{"type":"WEB","url":"https://security.gentoo.org/glsa/202105-33"},{"type":"WEB","url":"https://www.debian.org/security/2021/dsa-4865"}],"affected":[{"package":{"name":"github.com/containerd/containerd","ecosystem":"Go","purl":"pkg:golang/github.com/containerd/containerd"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.3.9"},{"introduced":"1.4.0"},{"fixed":"1.4.3"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2022-0784.json"}}],"schema_version":"1.7.3"}