[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-31030":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":86,"aliases":87,"duplicate_of":9,"upstream":90,"downstream":91,"duplicates":110,"related":111,"reserved_at":9,"published_at":120,"modified_at":121,"state":122,"summary":123,"references_raw":132,"kevs":195,"epss":196,"epss_history":199,"metrics":461,"affected":476},"CVE-2022-31030","containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the `ExecSync` API. This can cause containerd to consume all available memory on the computer, denying service to other legitimate workloads. Kubernetes and crictl can both be configured to use containerd's CRI implementation; `ExecSync` may be used when running probes or when executing processes via an \"exec\" facility. This bug has been fixed in containerd 1.6.6 and 1.5.13. Users should update to these versions to resolve the issue. Users unable to upgrade should ensure that only trusted images and commands are used.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-400","Uncontrolled Resource Consumption","The product does not properly control the allocation and maintenance of a limited resource.","weakness","Draft","Class","High",[20,24,82],{"id":21,"name":22,"techniques":23},"CAPEC-147","XML Ping of the Death",[],{"id":25,"name":26,"techniques":27},"CAPEC-227","Sustained Client Engagement",[28],{"id":29,"name":30,"tactics":31,"countermeasures":35},"T1499","Endpoint Denial of Service",[32],{"id":33,"name":34},"TA0105","Impact",[36,41,45,49,53,57,61,65,69,73,78],{"id":37,"name":38,"tactic":39},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":40},"Detect",{"id":42,"name":43,"tactic":44},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":40},{"id":46,"name":47,"tactic":48},"D3-CSPP","Client-server Payload Profiling",{"name":40},{"id":50,"name":51,"tactic":52},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":40},{"id":54,"name":55,"tactic":56},"D3-NTSA","Network Traffic Signature Analysis",{"name":40},{"id":58,"name":59,"tactic":60},"D3-APCA","Application Protocol Command Analysis",{"name":40},{"id":62,"name":63,"tactic":64},"D3-NTCD","Network Traffic Community Deviation",{"name":40},{"id":66,"name":67,"tactic":68},"D3-RTSD","Remote Terminal Session Detection",{"name":40},{"id":70,"name":71,"tactic":72},"D3-ISVA","Inbound Session Volume Analysis",{"name":40},{"id":74,"name":75,"tactic":76},"D3-NTF","Network Traffic Filtering",{"name":77},"Isolate",{"id":79,"name":80,"tactic":81},"D3-ITF","Inbound Traffic Filtering",{"name":77},{"id":83,"name":84,"techniques":85},"CAPEC-492","Regular Expression Exponential Blowup",[],[],[88,89],"GHSA-5ffw-gxpp-mxpf","GO-2022-0482",[],[92,94,96,98,100,102,104,106,108],{"_key":93},"SUSE-SU-2022:2165-1",{"_key":95},"UBUNTU-CVE-2022-31030",{"_key":97},"SUSE-SU-2022:2341-1",{"_key":99},"OPENSUSE-SU-2024:12130-1",{"_key":101},"DSA-5162-1",{"_key":103},"MGASA-2022-0227",{"_key":105},"USN-5776-1",{"_key":107},"DEBIAN-CVE-2022-31030",{"_key":109},"USN-5521-1",[],[112,113,114,115,116,118],{"_key":93},{"_key":97},{"_key":99},{"_key":103},{"_key":117},"CGA-4J6M-X8X3-4RQJ",{"_key":119},"CGA-GC9J-RH9Q-MVC9","2022-06-06T00:00:00.000Z","2024-08-03T07:03:40.336Z","Modified",{"cisa_kev":124,"cisa_ransomware":124,"cisa_vendor":9,"epss_severity":125,"epss_score":126,"severity":127,"severity_score":128,"severity_version":129,"severity_source":130,"severity_vector":131,"severity_status":122},false,"low",0.00158,"medium",5.5,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[133,142,148,153,158,162,166,170,174,179,183,187,191],{"url":134,"sources":135,"tags":138},"https://github.com/containerd/containerd/security/advisories/GHSA-5ffw-gxpp-mxpf",[130,136,137],"nvd","osv_go",[139,140,141],"Third Party Advisory","WEB","Advisory",{"url":143,"sources":144,"tags":145},"https://github.com/containerd/containerd/commit/c1bcabb4541930f643aa36a2b38655e131346382",[130,136,137],[146,139,140,147],"Product","FIX",{"url":149,"sources":150,"tags":151},"http://www.openwall.com/lists/oss-security/2022/06/07/1",[130,136,137],[152,139,140],"Mailing List",{"url":154,"sources":155,"tags":156},"https://www.debian.org/security/2022/dsa-5162",[130,136,137],[157,139,140],"Vendor Advisory",{"url":159,"sources":160,"tags":161},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD/",[130,136],[157],{"url":163,"sources":164,"tags":165},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO/",[130,136],[157],{"url":167,"sources":168,"tags":169},"https://security.gentoo.org/glsa/202401-31",[130,136,137],[157,140],{"url":171,"sources":172,"tags":173},"https://nvd.nist.gov/vuln/detail/CVE-2022-31030",[137],[141],{"url":175,"sources":176,"tags":177},"https://github.com/containerd/containerd",[137],[178],"PACKAGE",{"url":180,"sources":181,"tags":182},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO",[137],[140],{"url":184,"sources":185,"tags":186},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD",[137],[140],{"url":188,"sources":189,"tags":190},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO",[137],[140],{"url":192,"sources":193,"tags":194},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD",[137],[140],[],{"date":197,"score":126,"percentile":198},"2026-06-04",0.3633,[200,203,206,209,212,215,218,221,224,227,230,233,236,239,242,246,249,252,255,258,261,264,266,269,272,275,278,281,284,286,288,291,295,298,301,304,307,310,313,316,319,322,324,327,330,333,336,339,342,345,348,351,354,357,360,363,366,369,372,375,378,381,384,387,390,393,396,399,402,404,407,410,413,415,417,419,421,424,427,430,433,435,438,441,444,447,450,453,455,458],{"date":201,"score":126,"percentile":202},"2025-11-04",0.3717,{"date":204,"score":126,"percentile":205},"2025-11-05",0.37161,{"date":207,"score":126,"percentile":208},"2025-11-06",0.37159,{"date":210,"score":126,"percentile":211},"2025-11-07",0.3718,{"date":213,"score":126,"percentile":214},"2025-11-08",0.37179,{"date":216,"score":126,"percentile":217},"2025-11-09",0.37163,{"date":219,"score":126,"percentile":220},"2025-11-10",0.37126,{"date":222,"score":126,"percentile":223},"2025-11-11",0.37151,{"date":225,"score":126,"percentile":226},"2025-11-12",0.37191,{"date":228,"score":126,"percentile":229},"2025-11-13",0.37203,{"date":231,"score":126,"percentile":232},"2025-11-14",0.37204,{"date":234,"score":126,"percentile":235},"2025-11-15",0.37202,{"date":237,"score":126,"percentile":238},"2025-11-16",0.37186,{"date":240,"score":126,"percentile":241},"2025-11-17",0.37166,{"date":243,"score":244,"percentile":245},"2025-11-18",0.00085,0.20691,{"date":247,"score":244,"percentile":248},"2025-11-19",0.20702,{"date":250,"score":244,"percentile":251},"2025-11-20",0.20673,{"date":253,"score":126,"percentile":254},"2025-11-21",0.37167,{"date":256,"score":126,"percentile":257},"2025-11-22",0.37169,{"date":259,"score":126,"percentile":260},"2025-11-23",0.37136,{"date":262,"score":126,"percentile":263},"2025-11-24",0.37121,{"date":265,"score":126,"percentile":220},"2025-11-25",{"date":267,"score":126,"percentile":268},"2025-11-26",0.37123,{"date":270,"score":126,"percentile":271},"2025-11-27",0.37133,{"date":273,"score":126,"percentile":274},"2025-11-28",0.37115,{"date":276,"score":126,"percentile":277},"2025-11-29",0.37094,{"date":279,"score":126,"percentile":280},"2025-11-30",0.37079,{"date":282,"score":126,"percentile":283},"2025-12-01",0.37194,{"date":285,"score":126,"percentile":232},"2025-12-02",{"date":287,"score":126,"percentile":232},"2025-12-03",{"date":289,"score":126,"percentile":290},"2025-12-04",0.37076,{"date":292,"score":293,"percentile":294},"2025-12-05",0.00109,0.29819,{"date":296,"score":293,"percentile":297},"2025-12-06",0.29823,{"date":299,"score":293,"percentile":300},"2025-12-07",0.29797,{"date":302,"score":293,"percentile":303},"2025-12-08",0.29804,{"date":305,"score":293,"percentile":306},"2025-12-09",0.29862,{"date":308,"score":293,"percentile":309},"2025-12-10",0.29925,{"date":311,"score":293,"percentile":312},"2025-12-11",0.29955,{"date":314,"score":293,"percentile":315},"2025-12-12",0.29977,{"date":317,"score":293,"percentile":318},"2025-12-13",0.2998,{"date":320,"score":293,"percentile":321},"2025-12-14",0.29956,{"date":323,"score":293,"percentile":309},"2025-12-15",{"date":325,"score":293,"percentile":326},"2025-12-16",0.29942,{"date":328,"score":293,"percentile":329},"2025-12-17",0.29991,{"date":331,"score":293,"percentile":332},"2025-12-18",0.30041,{"date":334,"score":293,"percentile":335},"2025-12-19",0.30056,{"date":337,"score":293,"percentile":338},"2025-12-20",0.30034,{"date":340,"score":293,"percentile":341},"2025-12-21",0.29986,{"date":343,"score":293,"percentile":344},"2025-12-22",0.29945,{"date":346,"score":293,"percentile":347},"2025-12-23",0.29918,{"date":349,"score":126,"percentile":350},"2025-12-24",0.37228,{"date":352,"score":126,"percentile":353},"2025-12-25",0.37286,{"date":355,"score":126,"percentile":356},"2025-12-26",0.37267,{"date":358,"score":126,"percentile":359},"2025-12-27",0.37292,{"date":361,"score":126,"percentile":362},"2025-12-28",0.37185,{"date":364,"score":126,"percentile":365},"2025-12-29",0.37156,{"date":367,"score":126,"percentile":368},"2025-12-30",0.3715,{"date":370,"score":126,"percentile":371},"2025-12-31",0.37211,{"date":373,"score":126,"percentile":374},"2026-01-01",0.37361,{"date":376,"score":126,"percentile":377},"2026-01-02",0.37332,{"date":379,"score":126,"percentile":380},"2026-01-03",0.37322,{"date":382,"score":126,"percentile":383},"2026-01-04",0.37158,{"date":385,"score":126,"percentile":386},"2026-01-05",0.3714,{"date":388,"score":126,"percentile":389},"2026-01-06",0.37145,{"date":391,"score":126,"percentile":392},"2026-01-07",0.37174,{"date":394,"score":126,"percentile":395},"2026-01-08",0.37199,{"date":397,"score":126,"percentile":398},"2026-01-09",0.37192,{"date":400,"score":126,"percentile":401},"2026-01-10",0.37195,{"date":403,"score":126,"percentile":202},"2026-01-11",{"date":405,"score":126,"percentile":406},"2026-01-12",0.37122,{"date":408,"score":126,"percentile":409},"2026-01-13",0.37099,{"date":411,"score":126,"percentile":412},"2026-01-14",0.37148,{"date":414,"score":126,"percentile":260},"2026-01-15",{"date":416,"score":126,"percentile":383},"2026-01-16",{"date":418,"score":126,"percentile":260},"2026-01-17",{"date":420,"score":126,"percentile":280},"2026-01-18",{"date":422,"score":126,"percentile":423},"2026-01-19",0.37026,{"date":425,"score":126,"percentile":426},"2026-01-20",0.37005,{"date":428,"score":126,"percentile":429},"2026-01-21",0.36983,{"date":431,"score":126,"percentile":432},"2026-01-22",0.36965,{"date":434,"score":126,"percentile":423},"2026-01-23",{"date":436,"score":126,"percentile":437},"2026-01-24",0.37031,{"date":439,"score":126,"percentile":440},"2026-01-25",0.36973,{"date":442,"score":126,"percentile":443},"2026-01-26",0.36904,{"date":445,"score":126,"percentile":446},"2026-01-27",0.369,{"date":448,"score":126,"percentile":449},"2026-01-28",0.36887,{"date":451,"score":126,"percentile":452},"2026-01-29",0.3686,{"date":454,"score":126,"percentile":452},"2026-01-30",{"date":456,"score":126,"percentile":457},"2026-01-31",0.36862,{"date":459,"score":126,"percentile":460},"2026-02-01",0.36966,[462,467,474],{"source":130,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":463,"cvss_v4_0":9},{"baseScore":128,"baseSeverity":464,"vectorString":131,"impactScore":465,"exploitabilityScore":466},"MEDIUM",6,4.6,{"source":136,"cvss_v2_0":468,"cvss_v3_0":9,"cvss_v3_1":473,"cvss_v4_0":9},{"baseScore":469,"baseSeverity":9,"vectorString":470,"impactScore":471,"exploitabilityScore":472},2.1,"AV:L/AC:L/Au:N/C:N/I:N/A:P",2.9,3.9,{"baseScore":128,"baseSeverity":464,"vectorString":131,"impactScore":465,"exploitabilityScore":466},{"source":137,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":475,"cvss_v4_0":9},{"baseScore":128,"baseSeverity":9,"vectorString":131,"impactScore":465,"exploitabilityScore":466},[477,491,500,508,519],{"ecosystem":9,"name":478,"vendor":478,"product":478,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":480},"containerd","a",[481,486],{"version":482,"is_range":483,"range_type":130,"version_start":9,"version_start_type":9,"version_end":484,"version_end_type":485,"fixed_in":9},"\u003C 1.5.13",true,"1.5.13","excluding",{"version":487,"is_range":483,"range_type":130,"version_start":488,"version_start_type":489,"version_end":490,"version_end_type":485,"fixed_in":9},">= 1.6.0, \u003C 1.6.6","1.6.0","including","1.6.6",{"ecosystem":9,"name":492,"vendor":493,"product":494,"cpe_part":495,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":496},"debian linux","debian","debian_linux","o",[497],{"version":498,"is_range":124,"range_type":499,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0","cpe",{"ecosystem":9,"name":501,"vendor":502,"product":501,"cpe_part":495,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":503},"fedora","fedoraproject",[504,506],{"version":505,"is_range":124,"range_type":499,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"35",{"version":507,"is_range":124,"range_type":499,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"36",{"ecosystem":509,"name":510,"vendor":511,"product":478,"cpe_part":9,"purl_type":512,"purl_namespace":511,"purl_name":478,"source":9,"versions":513},"Go","github.com/containerd/containerd","github.com/containerd","golang",[514,517],{"version":515,"is_range":483,"range_type":516,"version_start":9,"version_start_type":9,"version_end":484,"version_end_type":485,"fixed_in":9},"lt1_5_13","semver",{"version":518,"is_range":483,"range_type":516,"version_start":488,"version_start_type":489,"version_end":490,"version_end_type":485,"fixed_in":9},"gte1_6_0_lt1_6_6",{"ecosystem":9,"name":478,"vendor":520,"product":478,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":521},"linuxfoundation",[522,524],{"version":523,"is_range":483,"range_type":499,"version_start":9,"version_start_type":9,"version_end":484,"version_end_type":485,"fixed_in":9},"lt1.5.13",{"version":525,"is_range":483,"range_type":499,"version_start":488,"version_start_type":489,"version_end":490,"version_end_type":485,"fixed_in":9},"gte1.6.0_lt1.6.6"]