[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-31133":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":35,"aliases":36,"duplicate_of":9,"upstream":39,"downstream":40,"duplicates":135,"related":136,"reserved_at":9,"published_at":187,"modified_at":188,"state":189,"summary":190,"references_raw":199,"kevs":239,"epss":240,"epss_history":243,"metrics":518,"affected":532},"CVE-2025-31133","runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container's /dev/null) was actually a real /dev/null inode when using the container's /dev/null to mask. This exposes two methods of attack:  an arbitrary mount gadget, leading to host information disclosure, host denial of service, container escape, or a bypassing of maskedPaths. This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.",null,[11,24],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-61","UNIX Symbolic Link (Symlink) Following","The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.","weakness","Incomplete","Compound","High",[20],{"id":21,"name":22,"techniques":23},"CAPEC-27","Leveraging Race Conditions via Symbolic Links",[],{"_key":25,"id":25,"name":26,"description":27,"type":15,"status":28,"abstraction":29,"likelihood_of_exploit":9,"capec":30},"CWE-363","Race Condition Enabling Link Following","The product checks the status of a file or directory before accessing it, which produces a race condition in which the file can be replaced with a link before the access is performed, causing the product to access the wrong file.","Draft","Base",[31],{"id":32,"name":33,"techniques":34},"CAPEC-26","Leveraging Race Conditions",[],[],[37,38],"GHSA-9493-h29p-rfm2","GO-2025-4096",[],[41,43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81,83,85,87,89,91,93,95,97,99,101,103,105,107,109,111,113,115,117,119,121,123,125,127,129,131,133],{"_key":42},"SUSE-SU-2025:4073-2",{"_key":44},"SUSE-SU-2025:4079-1",{"_key":46},"SUSE-SU-2025:4080-1",{"_key":48},"UBUNTU-CVE-2025-31133",{"_key":50},"USN-7851-1",{"_key":52},"SUSE-SU-2025:4081-1",{"_key":54},"SUSE-SU-2025:21036-1",{"_key":56},"SUSE-SU-2025:21038-1",{"_key":58},"SUSE-SU-2025:21054-1",{"_key":60},"SUSE-SU-2025:21072-1",{"_key":62},"SUSE-SU-2025:21136-1",{"_key":64},"SUSE-SU-2025:3951-1",{"_key":66},"SUSE-SU-2025:4077-1",{"_key":68},"SUSE-SU-2026:0327-1",{"_key":70},"SUSE-SU-2026:20103-1",{"_key":72},"SUSE-SU-2026:20116-1",{"_key":74},"SUSE-SU-2026:20123-1",{"_key":76},"SUSE-SU-2026:20214-1",{"_key":78},"SUSE-SU-2026:20626-1",{"_key":80},"SUSE-SU-2026:20641-1",{"_key":82},"SUSE-SU-2025:3950-1",{"_key":84},"SUSE-SU-2025:4073-1",{"_key":86},"OPENSUSE-SU-2025:15705-1",{"_key":88},"OPENSUSE-SU-2025:20072-1",{"_key":90},"OPENSUSE-SU-2026:10073-1",{"_key":92},"OPENSUSE-SU-2026:20072-1",{"_key":94},"OPENSUSE-SU-2026:20080-1",{"_key":96},"OPENSUSE-SU-2026:20140-1",{"_key":98},"OPENSUSE-SU-2026:20305-1",{"_key":100},"MGASA-2025-0271",{"_key":102},"DEBIAN-CVE-2025-31133",{"_key":104},"RHSA-2025:19927",{"_key":106},"RHSA-2025:20957",{"_key":108},"RHSA-2025:21232",{"_key":110},"RHSA-2025:21328",{"_key":112},"RHSA-2026:0315",{"_key":114},"RHSA-2026:0331",{"_key":116},"RHSA-2026:0418",{"_key":118},"RHSA-2026:0425",{"_key":120},"RHSA-2026:0676",{"_key":122},"RHSA-2026:0701",{"_key":124},"RHSA-2026:0995",{"_key":126},"RHSA-2026:10703",{"_key":128},"RHSA-2026:1540",{"_key":130},"RHSA-2026:4531",{"_key":132},"RHSA-2026:4693",{"_key":134},"RHSA-2026:8325",[],[137,138,139,140,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165,166,167,169,171,173,175,177,179,181,183,185],{"_key":42},{"_key":44},{"_key":46},{"_key":141},"CVE-2025-52881",{"_key":52},{"_key":54},{"_key":56},{"_key":58},{"_key":60},{"_key":62},{"_key":64},{"_key":66},{"_key":68},{"_key":70},{"_key":72},{"_key":74},{"_key":76},{"_key":78},{"_key":80},{"_key":82},{"_key":84},{"_key":86},{"_key":88},{"_key":90},{"_key":92},{"_key":94},{"_key":96},{"_key":98},{"_key":100},{"_key":168},"CGA-3XR8-WGQ5-85WQ",{"_key":170},"CGA-5G68-452V-P3Q9",{"_key":172},"CGA-7F93-7XFQ-Q45H",{"_key":174},"CGA-7V3M-9776-Q7WW",{"_key":176},"CGA-8GGX-55H4-H6VM",{"_key":178},"CGA-JCHC-M4Q4-HWMJ",{"_key":180},"CGA-VWG5-38V9-3MH8",{"_key":182},"CGA-X722-G652-7933",{"_key":184},"CGA-XFCP-W5JV-5V25",{"_key":186},"CGA-J6FG-V38R-FMWC","2025-11-06T18:47:47.335Z","2025-11-06T19:22:22.047Z","Analyzed",{"cisa_kev":191,"cisa_ransomware":191,"cisa_vendor":9,"epss_severity":192,"epss_score":193,"severity":194,"severity_score":195,"severity_version":196,"severity_source":197,"severity_vector":198,"severity_status":189},false,"low",0.00021,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",[200,212,218,222,226,230,234],{"url":201,"sources":202,"tags":205},"https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2",[203,197,204],"cve.org","osv_go",[206,207,208,209,210,211],"X Refsource CONFIRM","Mitigation","Patch","Third Party Advisory","WEB","Advisory",{"url":213,"sources":214,"tags":215},"https://github.com/opencontainers/runc/commit/1a30a8f3d921acbbb6a4bb7e99da2c05f8d48522",[203,197,204],[216,208,210,217],"X Refsource MISC","FIX",{"url":219,"sources":220,"tags":221},"https://github.com/opencontainers/runc/commit/5d7b2424072449872d1cd0c937f2ca25f418eb66",[203,197,204],[216,208,210,217],{"url":223,"sources":224,"tags":225},"https://github.com/opencontainers/runc/commit/8476df83b534a2522b878c0507b3491def48db9f",[203,197,204],[216,208,210,217],{"url":227,"sources":228,"tags":229},"https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64",[203,197,204],[216,208,210,217],{"url":231,"sources":232,"tags":233},"https://nvd.nist.gov/vuln/detail/CVE-2025-31133",[204],[211],{"url":235,"sources":236,"tags":237},"https://github.com/opencontainers/runc",[204],[238],"PACKAGE",[],{"date":241,"score":193,"percentile":242},"2026-06-05",0.06067,[244,248,251,255,258,260,264,267,270,273,276,279,283,287,290,293,296,299,302,305,309,313,317,320,323,326,329,332,335,338,340,343,346,349,352,355,358,361,364,367,370,373,377,380,383,386,389,392,395,398,401,404,406,409,412,415,418,421,424,427,430,433,436,439,442,445,448,451,454,457,460,464,466,469,472,475,478,481,484,487,490,493,496,499,502,504,507,510,513,515],{"date":245,"score":246,"percentile":247},"2025-11-07",0.0001,0.00724,{"date":249,"score":246,"percentile":250},"2025-11-08",0.00722,{"date":252,"score":253,"percentile":254},"2025-11-09",0.00008,0.00519,{"date":256,"score":253,"percentile":257},"2025-11-10",0.00516,{"date":259,"score":253,"percentile":254},"2025-11-11",{"date":261,"score":262,"percentile":263},"2025-11-12",0.00009,0.00663,{"date":265,"score":262,"percentile":266},"2025-11-13",0.00662,{"date":268,"score":262,"percentile":269},"2025-11-14",0.00666,{"date":271,"score":262,"percentile":272},"2025-11-15",0.0067,{"date":274,"score":262,"percentile":275},"2025-11-16",0.00669,{"date":277,"score":262,"percentile":278},"2025-11-17",0.00667,{"date":280,"score":281,"percentile":282},"2025-11-18",0.00013,0.00728,{"date":284,"score":285,"percentile":286},"2025-11-19",0.00011,0.0049,{"date":288,"score":285,"percentile":289},"2025-11-20",0.0051,{"date":291,"score":285,"percentile":292},"2025-11-21",0.01038,{"date":294,"score":285,"percentile":295},"2025-11-22",0.01032,{"date":297,"score":285,"percentile":298},"2025-11-23",0.01023,{"date":300,"score":285,"percentile":301},"2025-11-24",0.01021,{"date":303,"score":285,"percentile":304},"2025-11-25",0.01017,{"date":306,"score":307,"percentile":308},"2025-11-26",0.00015,0.02042,{"date":310,"score":311,"percentile":312},"2025-11-27",0.00017,0.02928,{"date":314,"score":315,"percentile":316},"2025-11-28",0.00014,0.01715,{"date":318,"score":315,"percentile":319},"2025-11-29",0.01761,{"date":321,"score":315,"percentile":322},"2025-11-30",0.01769,{"date":324,"score":315,"percentile":325},"2025-12-01",0.01795,{"date":327,"score":315,"percentile":328},"2025-12-02",0.01793,{"date":330,"score":315,"percentile":331},"2025-12-03",0.01798,{"date":333,"score":281,"percentile":334},"2025-12-04",0.01542,{"date":336,"score":281,"percentile":337},"2025-12-05",0.01551,{"date":339,"score":281,"percentile":337},"2025-12-06",{"date":341,"score":281,"percentile":342},"2025-12-07",0.01546,{"date":344,"score":307,"percentile":345},"2025-12-08",0.02237,{"date":347,"score":307,"percentile":348},"2025-12-09",0.02256,{"date":350,"score":307,"percentile":351},"2025-12-10",0.02285,{"date":353,"score":307,"percentile":354},"2025-12-11",0.02284,{"date":356,"score":307,"percentile":357},"2025-12-12",0.02293,{"date":359,"score":307,"percentile":360},"2025-12-13",0.02275,{"date":362,"score":307,"percentile":363},"2025-12-14",0.02281,{"date":365,"score":307,"percentile":366},"2025-12-15",0.02271,{"date":368,"score":307,"percentile":369},"2025-12-16",0.02262,{"date":371,"score":307,"percentile":372},"2025-12-17",0.02279,{"date":374,"score":375,"percentile":376},"2025-12-18",0.00018,0.03593,{"date":378,"score":375,"percentile":379},"2025-12-19",0.03577,{"date":381,"score":375,"percentile":382},"2025-12-20",0.03575,{"date":384,"score":375,"percentile":385},"2025-12-21",0.03595,{"date":387,"score":375,"percentile":388},"2025-12-22",0.03574,{"date":390,"score":375,"percentile":391},"2025-12-23",0.03584,{"date":393,"score":375,"percentile":394},"2025-12-24",0.03579,{"date":396,"score":375,"percentile":397},"2025-12-25",0.03591,{"date":399,"score":375,"percentile":400},"2025-12-26",0.03587,{"date":402,"score":375,"percentile":403},"2025-12-27",0.036,{"date":405,"score":375,"percentile":400},"2025-12-28",{"date":407,"score":375,"percentile":408},"2025-12-29",0.03578,{"date":410,"score":375,"percentile":411},"2025-12-30",0.03562,{"date":413,"score":375,"percentile":414},"2025-12-31",0.03557,{"date":416,"score":375,"percentile":417},"2026-01-01",0.03637,{"date":419,"score":375,"percentile":420},"2026-01-02",0.03628,{"date":422,"score":375,"percentile":423},"2026-01-03",0.03621,{"date":425,"score":375,"percentile":426},"2026-01-04",0.03514,{"date":428,"score":375,"percentile":429},"2026-01-05",0.03498,{"date":431,"score":375,"percentile":432},"2026-01-06",0.0349,{"date":434,"score":375,"percentile":435},"2026-01-07",0.03515,{"date":437,"score":375,"percentile":438},"2026-01-08",0.0354,{"date":440,"score":375,"percentile":441},"2026-01-09",0.0355,{"date":443,"score":375,"percentile":444},"2026-01-10",0.03555,{"date":446,"score":375,"percentile":447},"2026-01-11",0.03537,{"date":449,"score":375,"percentile":450},"2026-01-12",0.03539,{"date":452,"score":311,"percentile":453},"2026-01-13",0.03487,{"date":455,"score":311,"percentile":456},"2026-01-14",0.03499,{"date":458,"score":311,"percentile":459},"2026-01-15",0.03456,{"date":461,"score":462,"percentile":463},"2026-01-16",0.00019,0.04021,{"date":465,"score":462,"percentile":463},"2026-01-17",{"date":467,"score":462,"percentile":468},"2026-01-18",0.03997,{"date":470,"score":462,"percentile":471},"2026-01-19",0.03947,{"date":473,"score":462,"percentile":474},"2026-01-20",0.03907,{"date":476,"score":462,"percentile":477},"2026-01-21",0.03895,{"date":479,"score":311,"percentile":480},"2026-01-22",0.0339,{"date":482,"score":311,"percentile":483},"2026-01-23",0.03438,{"date":485,"score":311,"percentile":486},"2026-01-24",0.03465,{"date":488,"score":311,"percentile":489},"2026-01-25",0.03447,{"date":491,"score":311,"percentile":492},"2026-01-26",0.03433,{"date":494,"score":311,"percentile":495},"2026-01-27",0.03418,{"date":497,"score":311,"percentile":498},"2026-01-28",0.03402,{"date":500,"score":311,"percentile":501},"2026-01-29",0.03424,{"date":503,"score":311,"percentile":501},"2026-01-30",{"date":505,"score":311,"percentile":506},"2026-01-31",0.03421,{"date":508,"score":311,"percentile":509},"2026-02-01",0.03505,{"date":511,"score":311,"percentile":512},"2026-02-02",0.03492,{"date":514,"score":311,"percentile":456},"2026-02-03",{"date":516,"score":311,"percentile":517},"2026-02-04",0.03478,[519,524,530],{"source":203,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":520},{"baseScore":521,"baseSeverity":522,"vectorString":523,"impactScore":9,"exploitabilityScore":9},7.3,"HIGH","CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",{"source":197,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":525,"cvss_v4_0":528},{"baseScore":195,"baseSeverity":522,"vectorString":198,"impactScore":526,"exploitabilityScore":527},10,2.8,{"baseScore":521,"baseSeverity":522,"vectorString":529,"impactScore":9,"exploitabilityScore":9},"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",{"source":204,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":531},{"baseScore":521,"baseSeverity":9,"vectorString":523,"impactScore":9,"exploitabilityScore":9},[533,555,569],{"ecosystem":534,"name":535,"vendor":536,"product":537,"cpe_part":9,"purl_type":538,"purl_namespace":536,"purl_name":537,"source":9,"versions":539},"Go","github.com/opencontainers/runc","github.com/opencontainers","runc","golang",[540,546,551],{"version":541,"is_range":542,"range_type":543,"version_start":9,"version_start_type":9,"version_end":544,"version_end_type":545,"fixed_in":9},"lt1_2_8",true,"semver","1.2.8","excluding",{"version":547,"is_range":542,"range_type":543,"version_start":548,"version_start_type":549,"version_end":550,"version_end_type":545,"fixed_in":9},"gte1_3_0_rc_1_lt1_3_3","1.3.0-rc.1","including","1.3.3",{"version":552,"is_range":542,"range_type":543,"version_start":553,"version_start_type":549,"version_end":554,"version_end_type":545,"fixed_in":9},"gte1_4_0_rc_1_lt1_4_0_rc_3","1.4.0-rc.1","1.4.0-rc.3",{"ecosystem":9,"name":537,"vendor":556,"product":537,"cpe_part":557,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":558},"linuxfoundation","a",[559,562,565,567],{"version":560,"is_range":542,"range_type":561,"version_start":9,"version_start_type":9,"version_end":544,"version_end_type":545,"fixed_in":9},"lt1.2.8","cpe",{"version":563,"is_range":542,"range_type":561,"version_start":564,"version_start_type":549,"version_end":550,"version_end_type":545,"fixed_in":9},"gte1.3.0_lt1.3.3","1.3.0",{"version":566,"is_range":191,"range_type":561,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.4.0:rc1",{"version":568,"is_range":191,"range_type":561,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.4.0:rc2",{"ecosystem":9,"name":537,"vendor":570,"product":537,"cpe_part":557,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":571},"opencontainers",[572,574,576],{"version":573,"is_range":542,"range_type":203,"version_start":9,"version_start_type":9,"version_end":544,"version_end_type":545,"fixed_in":9},"\u003C 1.2.8",{"version":575,"is_range":542,"range_type":203,"version_start":548,"version_start_type":549,"version_end":550,"version_end_type":545,"fixed_in":9},">= 1.3.0-rc.1, \u003C 1.3.3",{"version":577,"is_range":542,"range_type":203,"version_start":553,"version_start_type":549,"version_end":554,"version_end_type":549,"fixed_in":9},">= 1.4.0-rc.1, \u003C= 1.4.0-rc.3"]