Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-61 — Vulnerability Class 100

100 vulnerabilities classified as CWE-61. AI Chinese analysis included.

CWE-61 represents a critical input validation weakness where software fails to adequately verify the final destination of a symbolic link during file or directory access operations. Attackers typically exploit this vulnerability by crafting malicious symlinks that point to sensitive system files or directories outside the application’s intended control sphere. When the vulnerable program follows these links, it inadvertently reads, modifies, or deletes unauthorized data, potentially leading to information disclosure, privilege escalation, or denial of service. To mitigate this risk, developers must implement strict path canonicalization and validation mechanisms before processing any file paths. This involves resolving symbolic links to their absolute physical paths and ensuring the resulting target resides within an allowed directory tree. Additionally, using secure file handling APIs that explicitly reject symlink traversal or employing chroot jails can effectively isolate applications from such path manipulation attacks.

MITRE CWE Description
The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files. A product that allows UNIX symbolic links (symlink) as part of paths whether in internal code or through user input can allow an attacker to spoof the symbolic link and traverse the file system to unintended locations or access arbitrary files. The symbolic link can permit an attacker to read/write/corrupt a file that they originally did not have permissions to access.
Common Consequences (1)
Confidentiality, IntegrityRead Files or Directories, Modify Files or Directories
Mitigations (2)
ImplementationSymbolic link attacks often occur when a program creates a tmp directory that stores files/links. Access to the directory should be restricted to the program as to prevent attackers from manipulating the files.
Architecture and DesignFollow the principle of least privilege when assigning access rights to entities in a software system. Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted.
CVE IDTitleCVSSSeverityPublished
CVE-2025-65105 Apptainer ineffective application of selinux and apparmor --security options — apptainer 4.5 Medium2025-12-02
CVE-2025-64750 Singluarity ineffectively applies of selinux / apparmor LSM process labels — singularity 4.5 Medium2025-12-02
CVE-2025-62724 Open OnDemand allowlist bypass using symlinks in directory downloads (TOCTOU) — ondemand 4.3 Medium2025-11-20
CVE-2025-52881 runc: LSM labels can be bypassed with malicious config using dummy procfs files — runc 7.1 -2025-11-06
CVE-2025-52565 container escape due to /dev/console mount and related races — runc 7.3 -2025-11-06
CVE-2025-31133 runc container escape via "masked path" abuse due to mount race conditions — runc 5.5 -2025-11-06
CVE-2025-62596 youki container escape and denial of service due to arbitrary write gadgets and procfs write redirects — youki 7.0 -2025-11-05
CVE-2025-43991 Dell SupportAssist for Business PCs和Dell SupportAssist for Home PCs 安全漏洞 — SupportAssist for Home PCs 6.3 Medium2025-10-13
CVE-2025-11489 wonderwhy-er DesktopCommanderMCP filesystem.ts isPathAllowed symlink — DesktopCommanderMCP 4.5 Medium2025-10-08
CVE-2025-59829 Claude Code: Permission deny bypass is possible through symlink — claude-code 4.3AIMediumAI2025-10-03
CVE-2025-53881 SUSE-specific logrotate configuration allows escalation from mail user/group to root — Tumbleweed 7.8AIHighAI2025-10-02
CVE-2025-10854 Symlink Following in txtai leads to arbitrary file write when loading untrusted embedding indices 8.1 High2025-09-22
CVE-2025-46810 openSUSE Tumbleweed 安全漏洞 — Tumbleweed 7.8 -2025-09-02
CVE-2025-57802 Airlink's Daemon Symlink Vulnerability — daemon 6.5AIMediumAI2025-08-25
CVE-2025-54867 Youki Symlink Following Vulnerability — youki 7.0 High2025-08-14
CVE-2025-55345 Unsafe symlink following in restricted workspace-write sandbox leads to RCE 8.8 High2025-08-13
CVE-2025-5468 Ivanti多款产品 安全漏洞 — Connect Secure 5.5 Medium2025-08-12
CVE-2025-36564 Dell Encryption Admin Utilities 安全漏洞 — Encryption Admin Utilities 7.8 High2025-06-03
CVE-2025-23394 daily-backup.sh script in cyrus-imapd allows escalation from cyrus to root — openSUSE Tumbleweed 8.4AIHighAI2025-05-26
CVE-2025-43853 iwasm vulnerable to filesystem sandbox escape with symlink when using uvwasi feature — wasm-micro-runtime 6.5AIMediumAI2025-05-15
CVE-2025-1079 RCE In Google Web Designer — Web Designer 7.8 High2025-05-12
CVE-2025-30485 Century Systems FutureNet NXR和Century Systems FutureNet VXR 安全漏洞 — FutureNet NXR-1420 7.2 -2025-04-03
CVE-2025-3048 Path Traversal in AWS SAM CLI allows file copy to local cache — AWS Serverless Application Model Command Line Interface 6.5 Medium2025-03-31
CVE-2025-3047 Path Traversal in AWS SAM CLI allows file copy to build container — AWS Serverless Application Model Command Line Interface 6.5 Medium2025-03-31
CVE-2025-24832 Acronis Backup plugin for cPanel & WHM (Linux)和Acronis Backup extension for Plesk (Linux) 安全漏洞 — Acronis Backup plugin for cPanel & WHM 8.8 -2025-02-27
CVE-2024-45418 Zoom Apps for macOS - Symbolic Link Following — Zoom Apps for macOS 5.4 Medium2025-02-25
CVE-2025-22480 Dell SupportAssist OS Recovery 安全漏洞 — Dell SupportAssist OS Recovery 7.0 High2025-02-13
CVE-2025-24886 pwn.college has Symlink LFI in Dojo repos — dojo 7.7 High2025-01-30
CVE-2024-52535 Dell SupportAssist Client 安全漏洞 — SupportAssist for Home PCs 7.1 High2024-12-25
CVE-2024-47515 Pagure: generate_archive() follows symbolic links in temporary clones 8.1 High2024-12-24

Vulnerabilities classified as CWE-61 represent 100 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.