Vulnerability in Youki-dev Youki

CVE-2025-62161

Youki is a container runtime written in Rust. In versions 0.5.6 and below, the initial validation of the source /dev/null is insufficient, allowing container escape when youki utilizes bind mounting the container's /dev/null as a file mask…

EPSS: 0.001 (16.7th percentile) — read the EPSS interpretation.

Affected products

Youki-dev Youki — versions < 0.5.7

Weakness classification (CWE)

References

https://github.com/youki-dev/youki/security/advisories/GHSA-4g74-7cff-xcv8 (x_refsource_CONFIRM)
https://github.com/youki-dev/youki/commit/5886c91073b9be748bd8d5aed49c4a820548030a (x_refsource_MISC)