A vulnerability in containerd allows attackers to craft an image that can leak the host’s registry or cloud credentials when pulled from a registry.