A security vulnerability can be exploited to coerce the containerd cloud platform into exposing the host s registry or users cloud-account credentials. The bug (CVE-2020-15157) is located in the container image-pulling process. The attackers can thus exploit the problem by crafting a malicious image in a remote registry and then convincing the user to access it through containerd. This can be done through email and other social-engineering avenues, according to the National Vulnerability Database.
Source: https://threatpost.com/containerd-bug-cloud-account-credentials/160546/