Browse all 4 CVE security advisories affecting youki-dev. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Youki-dev is a container runtime focused on performance and security, primarily used for running OCI-compliant containers. Historically, vulnerabilities associated with this project include remote code execution, privilege escalation, and container escape issues, often stemming from improper input validation and insecure default configurations. While no major public security incidents have been widely documented, the project maintains a moderate CVE count with four recorded vulnerabilities to date. Security characteristics emphasize isolation and minimal attack surface, though regular updates remain essential due to the inherent risks of container runtime environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62596 | youki container escape and denial of service due to arbitrary write gadgets and procfs write redirects — youkiCWE-61 | 7.0 | - | 2025-11-05 |
| CVE-2025-62161 | youki container escape via "masked path" abuse due to mount race conditions — youkiCWE-363 | 8.4 | - | 2025-11-05 |
| CVE-2025-54867 | Youki Symlink Following Vulnerability — youkiCWE-61 | 7.0 | High | 2025-08-14 |
| CVE-2025-27612 | Libcontainer is affected by capabilities elevation — youkiCWE-276 | 5.9 | Medium | 2025-03-21 |
This page lists every published CVE security advisory associated with youki-dev. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.