Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in crun before 0.10.5. With a crafted image, it doesn't correctly check whether a target is a symlink, resulting in access to files outside of the container. This occurs in libcrun/linux.c and libcrun/chroot_realpath.c.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
crun 后置链接漏洞
Vulnerability Description
crun是一款使用C语言编写的OCI(开放容器倡议)容器运行时库。 crun 0.10.5之前版本中存在后置链接漏洞。攻击者可利用该漏洞获取容器外部的文件。
CVSS Information
N/A
Vulnerability Type
N/A