{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T15:58:05.245","vulnerabilities":[{"cve":{"id":"CVE-2025-64329","sourceIdentifier":"security-advisories@github.com","published":"2025-11-07T05:16:08.017","lastModified":"2025-12-31T18:34:48.060","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. To workaround this vulnerability, users can set up an admission controller to control accesses to pods/attach resources."},{"lang":"es","value":"containerd es un tiempo de ejecución de contenedores de código abierto. Las versiones 1.7.28 e inferiores, 2.0.0-beta.0 hasta 2.0.6, 2.1.0-beta.0 hasta 2.1.4, y 2.2.0-beta.0 hasta 2.2.0-rc.1 contienen un error en la implementación de CRI Attach donde un usuario puede agotar la memoria en el host debido a fugas de goroutines. Este problema está solucionado en las versiones 1.7.29, 2.0.7, 2.1.5 y 2.2.0. Como solución alternativa a esta vulnerabilidad, los usuarios pueden configurar un controlador de admisión para controlar los accesos a los recursos pods/attach."}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*","versionEndExcluding":"1.7.29","matchCriteriaId":"DD786582-F4AE-41DD-B61F-BD8AF4FC1A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.0.7","matchCriteriaId":"07087EDC-9E6A-45D1-B6D2-E7F4016CD46E"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*","versionStartIncluding":"2.1.0","versionEndExcluding":"2.1.5","matchCriteriaId":"9E760B42-E25C-4780-85AE-D003D6425700"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:containerd:2.2.0:beta0:*:*:*:*:*:*","matchCriteriaId":"EEF71FE5-2286-4D94-82DD-7509CE85F1F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:containerd:2.2.0:beta1:*:*:*:*:*:*","matchCriteriaId":"3290FD7B-0A16-4968-9800-78B947EF213D"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:containerd:2.2.0:beta2:*:*:*:*:*:*","matchCriteriaId":"E4352A29-4DFC-4EBE-BE0E-97DEB76E5A30"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:containerd:2.2.0:rc0:*:*:*:*:*:*","matchCriteriaId":"57685264-6950-4CB9-ACBE-6944EB3B2C1C"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:containerd:2.2.0:rc1:*:*:*:*:*:*","matchCriteriaId":"4D640701-1D0B-41B7-83B0-79592902E6AC"}]}]}],"references":[{"url":"https://github.com/containerd/containerd/commit/083b53cd6f19b5de7717b0ce92c11bdf95e612df","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/containerd/containerd/security/advisories/GHSA-m6hq-p25p-ffr2","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}}]}