漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Anthropic Sandbox Runtime Incorrectly Implemented Network Sandboxing
Vulnerability Description
Anthropic Sandbox Runtime is a lightweight sandboxing tool for enforcing filesystem and network restrictions on arbitrary processes at the OS level, without requiring a container. Prior to 0.0.16, due to a bug in sandboxing logic, sandbox-runtime did not properly enforce a network sandbox if the sandbox policy did not configure any allowed domains. This could allow sandboxed code to make network requests outside of the sandbox. A patch for this was released in v0.0.16.
CVSS Information
N/A
Vulnerability Type
保护机制失效
Vulnerability Title
Anthropic Sandbox Runtime 安全漏洞
Vulnerability Description
Anthropic Sandbox Runtime是Anthropic-experimental开源的一个轻量级的沙盒工具。 Anthropic Sandbox Runtime 0.0.16之前版本存在安全漏洞,该漏洞源于沙箱逻辑错误,可能导致网络请求绕过沙箱。
CVSS Information
N/A
Vulnerability Type
N/A