Vulnerability Database

299,759

Total vulnerabilities in the database

CVE-2025-62161

Youki is a container runtime written in Rust. In versions 0.5.6 and below, the initial validation of the source /dev/null is insufficient, allowing container escape when youki utilizes bind mounting the container's /dev/null as a file mask. This issue is fixed in version 0.5.7.

Published: Nov 5, 2025
Updated: Nov 10, 2025
CVE: CVE-2025-62161
GHSA: GHSA-4g74-7cff-xcv8
Severity: High
Exploit:

No technical information available.

CWEs:

CWE-363
CWE-61

Affected Software
References

Software	From	Fixed in
youki	-	0.5.7

https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2
https://github.com/youki-dev/youki/commit/5886c91073b9be748bd8d5aed49c4a820548030a
https://github.com/youki-dev/youki/security/advisories/GHSA-4g74-7cff-xcv8

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo