HIGH🇵🇱 Wersja polska

CVE-2025-54867

CVSS 7.0v3.1pub. 2025-08-14upd. 2025-11-10

Youki is a container runtime written in Rust. Prior to version 0.5.5, if /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. This issue has been patched in version 0.5.5.

CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Youki Dev Youki

    APP
    Youki-Dev
    < 0.5.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Container
CWE
References

Related vulnerabilities

CVE-2025-62161HIGH7.3ten sam produkt

Youki is a container runtime written in Rust. In versions 0.5.6 and below, the initial validation of the sourc...

CVE-2025-62596HIGH7.3ten sam produkt

Youki is a container runtime written in Rust. In versions 0.5.6 and below, youki’s apparmor handling performs ...