It was discovered that containerd could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user's registry credentials.
{ "availability": "No subscription required", "binaries": [ { "golang-github-docker-containerd-dev": "1.2.6-0ubuntu1~16.04.4", "containerd": "1.2.6-0ubuntu1~16.04.4" } ] }