Summary
runc: Malicious image with /dev symlink can trigger limited host filesystem integrity violations
References
Related vulnerabilities
All Supply chain →- MEDIUMGHSA-WVRH-2F4M-924V
ChatterBot: Symlink-Following Arbitrary Write via UbuntuCorpusTrainer
- CRITICALGHSA-CCV6-R384-XP75
Langflow: BaseFileComponent-based nodes arbitrary file read with RCE exploit
- MEDIUMGHSA-3VGW-585J-4M45
BBOT: Path traversal (Zip-Slip) in unarchive module - incomplete fix for CVE-2025-10284
- HIGHGHSA-WV27-2VQP-J7G5
Gogs has the ability to import local repositories via Mirror Settings
- HIGHGHSA-PWX3-QCGW-VH7H
Gogs Vulnerable to CSRF Leading to Organization Owner Takeover
- HIGHGHSA-P9F5-H3RX-J5QW
Gogs Missing Authorization in Attachment Download