CVE-2025-54867

Published August 14th, 2025

View on NVD ↗

CVSS v3

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

Youki is a container runtime written in Rust. Prior to version 0.5.5, if /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. This issue has been patched in version 0.5.5.

youki-dev/youki

A container runtime written in Rust

GitHub

7.43K