[Git][security-tracker-team/security-tracker][master] Add CVE-2024-25621/containerd

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
80e25059 by Salvatore Bonaccorso at 2025-11-06T21:28:54+01:00
Add CVE-2024-25621/containerd

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -363,7 +363,10 @@ CVE-2025-10955 (Improper Neutralization of Input During Web Page Generation (XSS
 CVE-2025-10885 (A maliciously crafted file, when executed on the victim's machine, can ...)
 	NOT-FOR-US: Autodesk
 CVE-2024-25621 (containerd is an open-source container runtime. Versions 0.1.0 through ...)
-	TODO: check
+	- containerd <unfixed>
+	NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w
+	NOTE: Fixed by: https://github.com/containerd/containerd/commit/910171e90ec3a402c6669333483fbec9d0b414d7 (v2.2.0)
+	NOTE: Fixed by: https://github.com/containerd/containerd/commit/0450f046e6942e513d0ebf1ef5c2aff13daa187f (v1.7.29)
 CVE-2022-50596 (D-Link DIR-1260 Wi-Fi router firmware versions up to and including v1. ...)
 	NOT-FOR-US: D-Link
 CVE-2022-50595 (Advantech iView versions prior to v5.7.04 build 6425contain a vulnerab ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80e25059c82a884d017f5932256ff8340724e76c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80e25059c82a884d017f5932256ff8340724e76c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251106/bcb2174d/attachment.htm>