HIGH🇬🇧 English

CVE-2025-54867

CVSS 7.0v3.1pub. 2025-08-14upd. 2025-11-10

Youki is a container runtime written in Rust. Prior to version 0.5.5, if /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. This issue has been patched in version 0.5.5.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Youki Dev Youki

    APP
    Youki-Dev
    < 0.5.5
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Container
CWE
Referencje

Powiązane podatności

CVE-2025-62161HIGH7.3ten sam produkt

Youki is a container runtime written in Rust. In versions 0.5.6 and below, the initial validation of the sourc...

CVE-2025-62596HIGH7.3ten sam produkt

Youki is a container runtime written in Rust. In versions 0.5.6 and below, youki’s apparmor handling performs ...

CVE-2025-54867 — HIGH 7.0 | CVEbaza.pl