Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
Github GHSA |
GHSA-jpcc-p29g-p8mq | containerd image-triggered runtime DoS via unbounded group parsing |
Ubuntu USN |
USN-8471-1 | containerd vulnerabilities |
Ubuntu USN |
USN-8472-1 | containerd vulnerabilities |
Ubuntu USN |
USN-8473-1 | containerd vulnerabilities |
Fri, 03 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 03 Jul 2026 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Redhat
Redhat hummingbird |
|
| Weaknesses | CWE-770 | |
| CPEs | cpe:/a:redhat:hummingbird:1 | |
| Vendors & Products |
Redhat
Redhat hummingbird |
|
| References |
| |
| Metrics |
threat_severity
|
cvssV3_1
|
Thu, 02 Jul 2026 04:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Containerd
Containerd containerd |
|
| Vendors & Products |
Containerd
Containerd containerd |
Wed, 01 Jul 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | containerd is an open-source container runtime. Versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2, contain a vulnerability that allows a maliciously crafted image to cause a Denial of Service (DoS) condition. When creating a container from this image, memory exhaustion occurs, leading to an Out Of Memory (OOM) kill of the containerd process. This renders the container runtime API unavailable and can disrupt clients such as the Docker Engine or Kubernetes control-plane components. This issue has been fixed in versions 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2. | |
| Title | containerd image-triggered runtime DoS via unbounded group parsing | |
| Weaknesses | CWE-400 | |
| References |
| |
| Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-07-01T18:34:06.714Z
Reserved: 2026-05-18T23:03:37.229Z
Link: CVE-2026-47262
Updated: 2026-07-01T18:33:58.095Z
No data.
OpenCVE Enrichment
Updated: 2026-07-08T13:45:03Z
Github GHSA
Ubuntu USN